AI description
CVE-2025-22604 is a critical vulnerability affecting Cacti network monitoring software versions 1.2.28 and earlier. The vulnerability exists in the multi-line SNMP response parser due to inadequate filtering of Object Identifiers (OIDs). While the values within the responses are filtered, the OIDs themselves are not. This allows authenticated attackers with device management permissions to inject specially crafted OIDs, leading to remote code execution on the server. Parts of these manipulated OIDs are then used as keys in an array involved in constructing system commands, enabling the attacker to inject and execute arbitrary commands with the same privileges as the Cacti application. The vulnerability has been addressed in Cacti version 1.2.29. It was discovered and reported by a security researcher known as u32i. Exploitation could allow attackers to execute arbitrary code, potentially leading to data breaches, data manipulation, or disruption of network operations. As of today, January 31, 2025, this information is current, but the situation may evolve. It is recommended to update to the latest version of Cacti to mitigate this vulnerability.
- Description
- Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-78
- Hype score
- Not currently trending
🚨Alert🚨 CVE-2025-22604 (CVSS 9.1): Remote Code Execution Flaw in Cacti 🔥PoC:https://t.co/HwdwpbZiaJ 📊 135.8K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/0vJVUPHY4h 👇Query HUNTER :https://t.co/q9rtuGgxk7="Cacti" FOFA :… https://t.co/9
@HunterMapping
7 Feb 2025
3338 Impressions
19 Retweets
65 Likes
25 Bookmarks
0 Replies
0 Quotes
Cacti の RCE 脆弱性 CVE-2025-22604 (CVSS 9.1) が FIX:PoC エクスプロイトも提供 https://t.co/Y2H77KeoI1 Cacti に RCE の脆弱性が発見されました。すでにパッチ・バージョンがリリースされていますが、PoC も提供されています。ご利用のチームは、十分に ご注意ください。 #Cacti #CVE202522604… https://t.co/21JoZuLKEk
@iototsecnews
6 Feb 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #Cacti #Security #Flaw #Vulnerabilities (CVE-2025-22604) Enables #Remote_Code_Execution https://t.co/uM09J5vbpd https://t.co/u5HOpARDN1
@omvapt
2 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
شناسایی آسیب پذیری بحرانی (CVE-2025-22604) در نرم افزار Cacti #Cyber_security_news #اخبار_امنیت_سایبری #Cacti #CVE_2025_22604 #CVE_2025_24367 https://t.co/OFk57jG6qx
@vulnerbyte
1 Feb 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🗞️ Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution A critical vulnerability in the Cacti monitoring framework (CVE-2025-22604) allows authenticated attackers to execute remote code on affected systems. To mitigate this severe security flaw, immediate
@gossy_84
30 Jan 2025
100 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22604 (CVSS 9.1): Remote Code Execution Flaw in Cacti, PoC Released https://t.co/gK2C0iMmfP
@Dinosn
30 Jan 2025
4088 Impressions
20 Retweets
83 Likes
22 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-22604 Alert! 🚨 Ensure your network is protected from this critical Cacti vulnerability. Learn the recommended security measures now! 🔒⚠️ #cybersecurity #CVE2025 #stayprotected #cactisecurity #cactivulnerability https://t.co/i1OwAeQHGn
@AbhishekMitra5
30 Jan 2025
107 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution Read More : https://t.co/yo70gUHT94 https://t.co/lmWgKgrwXV
@techpio_team
30 Jan 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Investigadores han encontrado una vulnerabilidad crítica de seguridad en el software de monitoreo de red Cacti, catalogada como CVE-2025-22604, que permite a usuarios autenticados ejecutar código de manera remota. Con una calificación CVSS de 9.1, esta falla se origina en un… ht
@citarafy
29 Jan 2025
37 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Critical Cacti Security #flaw (#CVE-2025-22604) Enables Remote Code Execution https://t.co/qQUg0oR9YZ
@AdliceSoftware
29 Jan 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-22604 (CVSS: 9.1) : Cacti Has Authenticated RCE Via Multi-Line SNMP Responses ⚠️Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. ZoomEye Dork👉app="Cacti" 179k+ results are found on ZoomEye. ZoomEye… htt
@zoomeye_team
29 Jan 2025
635 Impressions
3 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
⚡Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution. #CyberNews https://t.co/AYEtcqAcej
@dilagrafie
29 Jan 2025
158 Impressions
4 Retweets
10 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ A critical vulnerability (CVE-2025-22604) in Cacti software allows authenticated attackers to execute remote code, risking sensitive data. Update to version 1.2.29 to stay safe. 🚨 #Cacti #DataProtection #USA link: https://t.co/VJpmzE3hBp https://t.co/1csZWgn9pR
@TweetThreatNews
29 Jan 2025
69 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution #CISO https://t.co/xWDWy28wUk https://t.co/z8XsE5UsdE
@compuchris
29 Jan 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical security flaw (CVE-2025-22604) in Cacti allows remote code execution for authenticated users, affecting versions up to 1.2.28. Urgent updates are necessary to protect sensitive data. ⚠️ #Cacti #DataProtection #USA link: https://t.co/ZiJw5DQbpT https://t.co/yllawtiW4W
@TweetThreatNews
29 Jan 2025
70 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
OSSの性能監視フレームワークCactiにおける重大(Critical)な脆弱性がPoC(攻撃の概念実証コード)と同時公開された。CVE-2025-22604はCVSSスコア9.1¹。複数行SNMP結果のパース不備に起因し、認証後のユーザがシステムコマンドを実行可能。 https://t.co/qJW6fRsb1V ¹ 記事では10となっているが、… https://t.co/YZyzGStj9a
@__kokumoto
29 Jan 2025
1218 Impressions
6 Retweets
9 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution https://t.co/PpVaxixZPc
@Dinosn
29 Jan 2025
2246 Impressions
7 Retweets
20 Likes
2 Bookmarks
0 Replies
0 Quotes
Critical Cacti #Security #Flaw (#CVE-2025-22604) Enables Remote Code Execution https://t.co/UgDzV6K1BW
@ScyScan
29 Jan 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution https://t.co/0YlxMKJpKz https://t.co/2Vf6GlySNm
@talentxfactor
29 Jan 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ A critical flaw (CVE-2025-22604) in Cacti could lead to remote code execution. If exploited, authenticated attackers could steal or manipulate sensitive data. Patch to version 1.2.29 to fix this flaw and protect your systems. Learn more: https://t.co/IrfhOjxOaZ
@TheHackersNews
29 Jan 2025
10074 Impressions
40 Retweets
86 Likes
7 Bookmarks
2 Replies
0 Quotes
CVE-2025-22604: Cacti’deki Kritik Güvenlik Açığı - Uzaktan Kod Yürütme https://t.co/RlwQSH2pme
@cyberwebeyeos
29 Jan 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cacti Vulnerability Let Attackers Code Remotely – PoC Released https://t.co/pcwuyZYzf4 The widely used open-source network monitoring tool, Cacti, identified a critical vulnerability. The flaw, tracked as CVE-2025-22604 has a CVSS score of 9.1, indicating high severit…
@f1tym1
29 Jan 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical security vulnerability in the Cacti performance monitoring framework, identified as CVE-2025-22604, enables authenticated users to execute arbitrary code on servers by exploiting a flaw in SNMP response parsing. With a CVSS score of 10, organizations using vulnerabl...
@CybrPulse
29 Jan 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-22604 (CVSS 9.1): Remote Code Execution Flaw in Cacti, PoC Released https://t.co/FBeQDTHA9P
@the_yellow_fall
29 Jan 2025
484 Impressions
4 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-22604: CRITICAL] Critical flaw in Cacti's SNMP result parser fixed in version 1.2.29. Authenticated users could inject OIDs causing command execution. Update now for improved cyber security.#cybersecurity,#vulnerability https://t.co/y4Q4MPuQKt https://t.co/jClmuE3jP7
@CveFindCom
27 Jan 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22604 Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in t… https://t.co/JRWR9cXILX
@CVEnew
27 Jan 2025
244 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0B80A90-97E0-49C0-A780-695E17B0568C",
"versionEndExcluding": "1.2.29"
}
],
"operator": "OR"
}
]
}
]