The Vulnerability Discovered in the Cacti Open-Source RRD tool

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A high-severity vulnerability named CVE-2022-46169 has been found in Cacti, a free, open-source, web-based network monitoring and graphing tool designed as a front-end application for the open-source data logging tool RRDtool. The vulnerability allows for command injection and remote code execution and was first detailed in a security advisory by Cacti in December 2022.