Subscribe via feed.

Cacti 1.2.8 Unauthenticated Remote Code Execution

Posted by deepcore on March 3, 2020 – 8:58 am

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »