CVE-2024-31460 | Cacti up to 1.2.26 automation_tree_rules.php create_all_header_nodes sql injection

Posted by Angelo Barbosa | May 13, 2024 | CVE

A vulnerability, which was classified as critical, was found in Cacti up to 1.2.26. This affects the function create_all_header_nodes in the library lib/api_automation.php of the file automation_tree_rules.php. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-31460. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31460 | Cacti up to 1.2.26 automation_tree_rules.php create_all_header_nodes sql injection

Related Posts

CVE-2024-33997 | Moodle Equation Editor cross site scripting

CVE-2022-4957 | librespeed speedtest up to 5.2.4 results/stats.php id cross site scripting

CVE-2024-32312 | Tenda F1203 2.0.1.6 formWanParameterSetting adslPwd stack-based overflow

CVE-2024-2229 | Schneider Electric EcoStruxure Power Design Project File deserialization (icsa-24-072-01)