
Exploit for Cacti <=1.2.22 - Remote Command Injection (CVE-2022-46169)

Description:

Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
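The weakness described above is a general one: an authorization decision keyed on the client address, where the "client address" is read from a Forwarded-For header the requester controls rather than from the TCP peer. The snippet below is an added example written for this page, not Cacti's code or the Nuclei template; it places the weak lookup beside a hardened one that only believes X-Forwarded-For when the peer is a known reverse proxy, and a check a defender can run over request metadata to flag the mismatch. The header name X-Forwarded-For, the allow-list, the proxy list and the sample addresses are all constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed allow-list: sources permitted to reach a privileged endpoint.
TRUSTED_SOURCES = [ip_network("127.0.0.1/32"), ip_network("10.0.0.0/8")]

# Constructed list of reverse proxies whose X-Forwarded-For we are willing to honour.
TRUSTED_PROXIES = [ip_network("10.0.0.2/32")]


def client_addr_vulnerable(headers, remote_addr):
    """Weak pattern: prefer the client-supplied header over the socket peer.

    Any requester can put "127.0.0.1" in X-Forwarded-For and be treated as
    local, which is the shape of the authorization bypass described above.
    Header names are assumed to be already normalized to this spelling.
    """
    forwarded = headers.get("X-Forwarded-For")
    if forwarded:
        return forwarded.split(",")[0].strip()
    return remote_addr


def client_addr_hardened(headers, remote_addr, trusted_proxies=TRUSTED_PROXIES):
    """Only consult X-Forwarded-For when the TCP peer is one of our proxies.

    A proxy appends the address it saw to the end of the list, so the
    rightmost entry is the one written by the nearest trusted hop; anything
    further left was supplied by an earlier (untrusted) party.
    """
    peer = ip_address(remote_addr)
    if any(peer in net for net in trusted_proxies):
        forwarded = headers.get("X-Forwarded-For")
        if forwarded:
            candidate = forwarded.split(",")[-1].strip()
            try:
                return str(ip_address(candidate))
            except ValueError:
                pass  # malformed header value: fall back to the peer address
    return remote_addr


def is_authorized(addr):
    """Allow-list check shared by both lookups."""
    return any(ip_address(addr) in net for net in TRUSTED_SOURCES)


def spoof_attempt(headers, remote_addr):
    """Detection rule: the header would have granted access but the peer does not.

    Feed this request metadata (from a proxy or application log that records
    both the peer address and X-Forwarded-For); a True result is the event
    worth alerting on.
    """
    by_header = is_authorized(client_addr_vulnerable(headers, remote_addr))
    by_peer = is_authorized(client_addr_hardened(headers, remote_addr))
    return by_header and not by_peer


if __name__ == "__main__":
    # Constructed sample: an external peer claiming to be localhost.
    sample_headers = {"X-Forwarded-For": "127.0.0.1"}
    sample_peer = "203.0.113.5"
    print("vulnerable lookup authorizes:",
          is_authorized(client_addr_vulnerable(sample_headers, sample_peer)))
    print("hardened lookup authorizes:",
          is_authorized(client_addr_hardened(sample_headers, sample_peer)))
    print("spoof attempt flagged:", spoof_attempt(sample_headers, sample_peer))
```

The hardened lookup is the mitigation pattern behind the upstream fix referenced below; the detection function reuses the same two lookups, so a disagreement between them is exactly the spoofed-header request that should be logged or blocked.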

Nuclei Template

Template file: CVE-2022-46169.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-46169.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-46169
https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216
https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
https://security-tracker.debian.org/tracker/CVE-2022-46169
https://www.cybersecurity-help.cz/vdb/SB2022121926