What is CVE-2025-24367?

CVE-2025-24367 is a vulnerability in Cacti, classified under CWE-144. Published 2025-01-27.

Is CVE-2025-24367 known to be exploited?

13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cacti

CVE-2025-24367

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote…

EPSS: 0.879 (99.5th percentile) — read the EPSS interpretation.

Affected products

Cacti — versions <= 1.2.28

Weakness classification (CWE)

CWE-144

Public proof-of-concept exploits

TheCyberGeek/CVE-2025-24367-Cacti-PoC
ShoshinMaster/CVE-2025-24367
matesz44/CVE-2025-24367
dantedansh/CVE-2025-24367-Cacti-Exploit
SoftAndoWetto/CVE-2025-24367-PoC-Cacti
r0tn3x/CVE-2025-24367
r3vpwnx/CVE-2025-24367
rapid7/metasploit-framework
J1ezds/Vulnerability-Wiki-page
Threekiii/Awesome-POC

References

https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq (x_refsource_CONFIRM)
https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-24367?: CVE-2025-24367 is a vulnerability in Cacti, classified under CWE-144. Published 2025-01-27.
Is CVE-2025-24367 known to be exploited?: 13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.