CVE-2026-39938
Cacti · Cacti
Cacti versions 1.2.30 and prior contain an unauthenticated Local File Inclusion (LFI) vulnerability via the graph_theme parameter, potentially allowing unauthorized file access.
Executive summary
An unauthenticated Local File Inclusion vulnerability in Cacti lets a remote attacker, with no credentials, make the application include local files of their choosing. Any file readable by the web server account is exposed, which creates a critical risk of disclosing configuration files and the credentials they contain.
Vulnerability
The flaw is insufficient validation of the graph_theme parameter (the advisory also cites the rrdtool IPC serialization path). The supplied value reaches a file path without being confined to the intended theme directory, so an unauthenticated attacker can embed directory traversal sequences and have the application include an arbitrary local file. As with any LFI in a PHP application, an include executes any PHP contained in the target file, so the practical impact can exceed plain file disclosure.
Business impact
Rated CVSS 9.8 (Critical), this vulnerability allows the disclosure of sensitive configuration files, credentials, and other system data. In a Cacti deployment the obvious target is include/config.php, which holds the database credentials; with those in hand an attacker can pivot to the database and the underlying infrastructure.
Remediation
Immediate Action: Upgrade Cacti to version 1.2.31 or later, which adds the missing input validation for graph_theme.
Proactive Monitoring: Inspect web server logs for requests whose graph_theme parameter contains directory traversal sequences. Search for URL-encoded and double-encoded forms (%2e%2e%2f, ..%252f) as well as the literal ../, since a plain string match on ../ misses most real probes.
Compensating Controls: Until the upgrade is applied, deploy a Web Application Firewall (WAF) rule that rejects traversal patterns, including their encoded variants, in the graph_theme parameter. Treat this as a stopgap, not a substitute for the patch.
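The following script is an added example for the monitoring and WAF items above; it is not part of this advisory and not Cacti project code. It parses access-log lines in the combined format, fully URL-decodes the graph_theme value so that double-encoded probes are caught, and flags traversal sequences, absolute paths, null bytes and PHP stream wrappers (generic LFI tradecraft, not a claim about this CVE's exact payload). The endpoint path /cacti/graph_view.php in the constructed sample log is an assumption; the detector keys on the parameter name, not the path.

```python
"""Flag LFI probes against Cacti's graph_theme parameter in access logs
(added example; not Cacti project code)."""
import re
import urllib.parse
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Combined log format: client ident user [time] "request" status ...
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)
# "../" or "..\" as a path component at the start, middle or end of the value
TRAVERSAL_RE = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
# PHP stream wrappers that turn an include() of user input into a read or worse
WRAPPER_RE = re.compile(r"^(?:php|file|phar|expect|glob|zip)://|^data:", re.IGNORECASE)
WATCHED_PARAMS = {"graph_theme"}

# Constructed sample traffic (assumed endpoint path; not real log data)
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2026:12:00:01 +0000] "GET /cacti/graph_view.php?action=preview HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jan/2026:12:00:02 +0000] "GET /cacti/graph_view.php?action=tree&graph_theme=../../../../etc/passwd HTTP/1.1" 200 2048 "-" "curl/8.4.0"
203.0.113.9 - - [10/Jan/2026:12:00:03 +0000] "GET /cacti/graph_view.php?graph_theme=..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 200 2048 "-" "curl/8.4.0"
203.0.113.9 - - [10/Jan/2026:12:00:04 +0000] "GET /cacti/graph_view.php?graph_theme=php://filter/convert.base64-encode/resource=include/config.php HTTP/1.1" 200 9000 "-" "curl/8.4.0"
198.51.100.2 - - [10/Jan/2026:12:00:05 +0000] "GET /cacti/graph_view.php?graph_theme=modern HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""


@dataclass
class Finding:
    client: str
    timestamp: str
    url: str
    param: str
    value: str   # fully decoded value that triggered the finding
    reason: str


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """URL-decode until stable so double-encoded probes (..%252f) are caught."""
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_value(raw: str) -> Optional[str]:
    """Return why a parameter value looks like an LFI attempt, or None if benign."""
    value = decode_fully(raw)
    if "\x00" in value:
        return "null byte"
    if TRAVERSAL_RE.search(value):
        return "directory traversal"
    if WRAPPER_RE.search(value):
        return "php stream wrapper"
    if value.startswith(("/", "\\")) or re.match(r"^[A-Za-z]:[\\/]", value):
        return "absolute path"
    return None


def suspicious_params(url: str, watched=WATCHED_PARAMS) -> List[Tuple[str, str, str]]:
    """(param, decoded value, reason) for every watched query parameter that looks hostile."""
    query = url.partition("?")[2]
    hits = []
    for name, values in urllib.parse.parse_qs(query, keep_blank_values=True).items():
        if name not in watched:
            continue
        for raw in values:  # parse_qs already applied one round of decoding
            reason = classify_value(raw)
            if reason:
                hits.append((name, decode_fully(raw), reason))
    return hits


def should_block(url: str) -> bool:
    """WAF-style decision: reject the request if any watched parameter is suspicious."""
    return bool(suspicious_params(url))


def scan_log(text: str) -> List[Finding]:
    """Run the detector over access-log text; lines that do not parse are skipped."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        for param, value, reason in suspicious_params(m["url"]):
            findings.append(Finding(m["client"], m["ts"], m["url"], param, value, reason))
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f.timestamp} {f.client} {f.param}={f.value!r} [{f.reason}]")
```

Two design points. The decoder deliberately decodes more aggressively than PHP does (PHP decodes a query string once), so the detector errs toward false positives, which is the right trade-off for log review and for a blocking rule on a parameter that should only ever carry a theme name. Access logs only record GET query strings; if the parameter can also arrive in a POST body, the same `should_block` check has to run inside the WAF or a request-logging layer, not over the access log.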
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the critical nature of LFI vulnerabilities, immediate patching is required to protect the host environment. Patching does not undo prior disclosure: administrators should review access logs from before the update for traversal attempts against graph_theme and, if any are found, rotate the credentials stored in the Cacti configuration (including the database password) and check the database and host for signs of follow-on access.