CVE-2022-46169
cacti / cacti
Description
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. The authorization check in this file retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry exists within the `poller` table whose hostname corresponds to the resolved hostname. If such an entry is found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks several `$_SERVE
Scoring
| Metric | Value |
|---|---|
| CVSS | 9.8 |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 99.83% probability of exploitation · percentile 100.0% · 2026-06-16T12:03:06Z |
| Last modified | 2026-06-17 |
CISA KEV entry
Added to KEV: 2023-02-16
Incoming relations (1)
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Cacti Command Injection Vulnerability (kev-cve-2022-46169) | 0% | live |