CVE-2024-31445

Summary

CVE-2024-31445 is a SQL injection vulnerability in Cacti, specifically in the `automation_get_new_graphs_sql` function of `api_automation.php` prior to version 1.2.27. This vulnerability allows authenticated users to exploit SQL injection vulnerabilities for privilege escalation and remote code execution. The issue arises from the concatenation of the `get_request_var('filter')` into the SQL statement without any sanitization. The filter for `'filter'` is set to `'FILTER_DEFAULT'`, which means there is no filter for it. However, version 1.2.27 contains a patch for this vulnerability. The vulnerability has a risk score of 68, with a base severity of HIGH and a base score of 8.8 according to the CVSS:3.1 vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. It poses a potential danger to organizations as it allows attackers to execute arbitrary code and gain unauthorized access through SQL injections.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.