- Description
- Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- cacti
CVSS 4.0
- Type
- Secondary
- Base score
- 7.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-77
- Hype score
- Not currently trending
#VulnerabilityReport #Cacti High-Severity Cacti Flaw (CVE-2025-66399) Risks Remote Code Execution via SNMP Community String Injection https://t.co/CCpzIC3z13
@Komodosec
11 Jan 2026
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-66399: Command Injection in Cacti, 7.4 rating❗️ A vulnerability in the SNMP component of Cacti could allow an authenticated attacker to perform RCE. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/sXiVswjub3 https://t.co/KW0hNWrcPv
@Netlas_io
5 Dec 2025
752 Impressions
4 Retweets
9 Likes
3 Bookmarks
0 Replies
0 Quotes
A High-severity RCE flaw (CVE-2025-66399) in Cacti allows authenticated attackers to execute commands by injecting newline characters into the SNMP Community String. Update to v1.2.29 immediately. #Cacti #RCE #Cybersecurity #PatchNow https://t.co/Gr1ba0KTVW
@the_yellow_fall
5 Dec 2025
342 Impressions
2 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
18 new OPEN, 41 new PRO (18 + 23) Cacti (CVE-2025-66399), D-Link (CVE-2025-9769), FLIR (CVE-2025-5127), Oracle (CVE-2025-61757), TA451, TA453, Tenda (CVE-2025-9813), Western Digital (CVE-2016-10108, CVE-2016-10107), Zyxel (CVE-2025-8078) and more https://t.co/QpfhWo6NvF https://
@ET_Labs
2 Dec 2025
336 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-66399 Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality.… https://t.co/lvjfxS0bOE
@CVEnew
2 Dec 2025
252 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C0B80A90-97E0-49C0-A780-695E17B0568C",
            "versionEndExcluding": "1.2.29",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]