CVE-2022-46169 — Cacti Command Injection Vulnerability
2023-02-16 • CISA Known Exploited Vulnerability
[event] Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Cacti |
| Product | Cacti |
| CWE | CWE-74 |
| CVE ID | CVE-2022-46169 |
| Date Added | 2023-02-16 |
| Due Date | 2023-03-09 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2023-03-09