CVE-2025-26520 | Cacti up to 1.2.29 host_templates.php template graph_template sql injection

CVE-2025-26520 | Cacti up to 1.2.29 host_templates.php template graph_template sql injection

A vulnerability has been found in Cacti up to 1.2.29 and classified as critical. This vulnerability affects the function template of the file host_templates.php. The manipulation of the argument graph_template leads to sql injection. This vulnerability was named CVE-2025-26520. The attack can be initiated remotely. There is no exploit available.