A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting providers, to collect network performance data and store it in RRDtool, a logging and graphing database and system that, through a web interface, creates graphical representations of the collected data. About CVE-2023-51448 CVE-2023-51448 is a … More
The post SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448) appeared first on Help Net Security.