CVE-2025-66399 – SNMP Command Injection leads to RCE in Cacti

CVE ID : CVE-2025-66399

Published : Dec. 2, 2025, 5:57 p.m. | 29 minutes ago

Description : Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…