Critical Vulnerability Discovered in Cacti Software
The Cacti Group, Inc. has issued a security advisory for a critical vulnerability (CVE-2025-22604) in Cacti, its widely used open-source network monitoring platform. The flaw could allow authenticated attackers to remotely execute code on affected systems. It carries a CVSS score of 9.1 and resides in the multi-line SNMP response parser, where attackers can inject malformed Object Identifiers (OIDs) that can manipulate system commands. The vulnerability poses significant risks, including unauthorized access to sensitive data. The Cacti Group has released version 1.2.29 to address the issue and urges all users to update their installations promptly.
