跳转到帖子

FreeBSD: VID-E7974CA5-E4C8-11EF-AAB3-40B034429ECF (CVE-2025-22604): cacti -- Multiple vulnerabilities

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

FreeBSD: VID-E7974CA5-E4C8-11EF-AAB3-40B034429ECF (CVE-2025-22604): cacti -- Multiple vulnerabilities

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
01/27/2025
Created
02/11/2025
Added
02/08/2025
Modified
02/08/2025

Description

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29.

Solution(s)

  • freebsd-upgrade-package-cacti

References

  • CVE-2025-22604
  • 引用
  • Mention
    • 查看数 707
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表