CVE-2024-31445 Information

May 15, 2024 cve

Description

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27 a SQL injection vulnerability in automation_get_new_graphs_sql function of api_automation.php allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In api_automation.php line 856 the get_request_var('filter') is being concatenated into the SQL statement without any sanitization. In api_automation.php line 717 The filter of 'filter' is FILTER_DEFAULT which means there is no filter for it. Version 1.2.27 contains a patch for the issue.

Reference

https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886 https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717 https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856

Share on: