CVE-2025-24367

high-risk
Published 2025-01-27

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed in 1.2.29.

Do I need to act?

!
90.5% chance of exploitation in next 30 days
EPSS score — higher than 10% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Cacti

References (4)

Patch https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
Exploit https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq
https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html
Exploit https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq
55
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 20/34 · Moderate
Exposure 5/34 · Minimal