CVE-2024-45598

Published: Jan 27, 2025Modified: Nov 3, 2025

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29.

Affected (1)

Products: Cacti: Cacti

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cacti Cacti	Before 1.2.29

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (3)

https://github.com/Cacti/cacti/commit/eca52c6bb3e76c55d66b1040baa6dbf37471a0ae

Source: security-advisories@github.com

Patch

https://github.com/Cacti/cacti/security/advisories/GHSA-pv2c-97pp-vxwg

Source: security-advisories@github.com

ExploitVendor Advisory

https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.