Vulnerability Description
Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.
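The flaw class described above is a missing input-boundary check. The following Python is an added example, not Cacti's own code: it shows a validator that rejects community strings containing control characters (so nothing of that shape ever reaches the database) and an audit routine that scans rows already stored to find ones that slipped through. The `(id, hostname, community)` row layout and the sample rows are constructed for the example and do not reflect Cacti's schema or any real device.

```python
"""
Defender-side check for SNMP community strings carrying control characters
(newline, carriage return, NUL, ...). Added example; not Cacti code. The
(id, hostname, community) row layout is a hypothetical layout used only for
the constructed sample data below.
"""
import re
from typing import Iterable, List, Tuple

# ASCII control range (0x00-0x1F) plus DEL (0x7F). Newline and carriage return
# are the characters most likely to be read as a token boundary downstream.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def validate_community(value: str) -> str:
    """Return value unchanged if acceptable, otherwise raise ValueError.

    Call this in the form handler, before the value is persisted, so the
    database never holds a community string with embedded control characters.
    """
    if not isinstance(value, str):
        raise ValueError("community string must be text")
    if not value:
        raise ValueError("community string must not be empty")
    m = _CONTROL.search(value)
    if m:
        raise ValueError(
            "community string contains control character "
            f"U+{ord(m.group()):04X} at offset {m.start()}"
        )
    return value


def is_valid_community(value: str) -> bool:
    """Boolean convenience wrapper around validate_community()."""
    try:
        validate_community(value)
        return True
    except ValueError:
        return False


def audit_rows(rows: Iterable[Tuple[int, str, str]]) -> List[dict]:
    """Scan stored (id, hostname, community) rows; report those with control chars.

    Each finding lists (offset, code point) pairs so an operator can see exactly
    what was stored and clean the row.
    """
    findings = []
    for row_id, hostname, community in rows:
        bad = [(m.start(), ord(m.group())) for m in _CONTROL.finditer(community)]
        if bad:
            findings.append({"id": row_id, "hostname": hostname, "control_chars": bad})
    return findings


# Constructed sample data (hypothetical hosts and community strings).
SAMPLE_ROWS = [
    (1, "core-sw-01.example.net", "public"),
    (2, "edge-rtr-02.example.net", "r3adOnly-2024"),
    (3, "lab-host-01.example.net", "public\nsecond-line"),  # embedded newline
    (4, "lab-host-02.example.net", "public\r\n"),           # embedded CRLF
]

if __name__ == "__main__":
    for f in audit_rows(SAMPLE_ROWS):
        print(f"device {f['id']} ({f['hostname']}): control chars at {f['control_chars']}")
    try:
        validate_community("public\nsecond-line")
    except ValueError as e:
        print("rejected:", e)
```

Running the audit against an export of the real device table is the quickest way to confirm whether any stored value was affected before the upgrade to 1.2.29; the validator belongs at the input boundary regardless of version, since a defence that only sanitises at the point of use is easy to bypass when a second consumer of the same field is added later.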
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cacti | Cacti | < 1.2.29 |
Related Weaknesses (CWE)
References
- https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf (Exploit, Vendor Advisory)
FAQ
What is CVE-2025-66399?
CVE-2025-66399 is a vulnerability in Cacti with a CVSS score of 8.8 (HIGH): an input-validation flaw in the SNMP device configuration functionality, present prior to 1.2.29, as described in the Vulnerability Description above.
How severe is CVE-2025-66399?
CVE-2025-66399 has been rated HIGH with a CVSS base score of 8.8/10. See the CVSS Score section above.
Is there a patch for CVE-2025-66399?
The vendor advisory linked in the References section above states that the vulnerability is fixed in Cacti 1.2.29. Affected product: Cacti (vendor Cacti), versions prior to 1.2.29.