CVE-2022-46169

CVE-2022-46169 is a security vulnerability found in Cacti, a network monitoring and management software. This vulnerability allows an attacker to remotely exploit the system without authentication by sending a specially crafted HTTP request. By taking advantage of this vulnerability, the attacker can execute arbitrary system commands on the target system. This poses a significant risk as it enables unauthorized individuals to gain control over the affected system and potentially carry out malicious activities with elevated privileges. In this the vulnerability resides in remote_agent.php. The solution to this is to upgrade to Cacti version 1.2.23, 1.3.0 or later