NaviSec Discovers Critical Zero-Day Exploit for Cacti Services | News
NaviSec has discovered a critical zero-day exploit affecting all versions of Cacti services before their release 1.2.20. Successful exploitation may allow unauthorized access to sensitive information.
TAMPA, Florida, April 9, 2022 /PRNewswire-PRWeb/ — While conducting offensive security testing for a third-party client, NaviSec’s Delta team discovered a critical zero-day vulnerability affecting all versions of Cacti prior to v1.2.20. Upon discovery, NaviSec reported the vulnerability to Cacti and worked with them to fix it. Cacti has now released an update that closes the vulnerability.
CVSSv3 Base Score: 9.8 Critical
CVE-2022-0730 affects at least 5000 publicly exposed installations; internal installations are also affected. Successful exploitation leads to unauthorized access to sensitive information within the Cacti installation.
When LDAP authentication is enabled, authentication can be bypassed, resulting in unauthorized access to the service. Depending on the configuration, this may result in administrative access to the Cacti server. A successful exploit would allow adversaries to access sensitive data and potentially modify or delete information, with a significant impact on confidentiality, integrity and availability.
Cacti is open source, web-based software used as:
a performance and fault management framework and a front end to RRDTool
a web application built on the Linux, Apache, MySQL and PHP stack, also supported on Windows
All versions of Cacti prior to v1.2.20 are affected by the vulnerability, including v1.2.19, which was released October 29, 2021.
The latest Cacti update, v1.2.20, fixes this vulnerability.
Media contact: Dick Driver, NaviSec, +1 813-751-0523, [email protected]