CVE-2025-22604

high-risk
Published 2025-01-27

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29.

Do I need to act?

!
72.2% chance of exploitation in next 30 days
EPSS score — higher than 28% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Cacti

References (3)

Patch https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
Exploit https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36
https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html
55
/ 100
high-risk
Severity 31/34 · Critical
Exploitability 19/34 · Moderate
Exposure 5/34 · Minimal