Lucene search
CVE-2024-29895
Cacti 1.3.x DEV branch command injection vulnerability allows unauthenticated users to execute arbitrary commands
Show more
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | Exploit for CVE-2024-29895 | 17 May 202422:03 | – | githubexploit |
| Exploit for CVE-2024-29895 | 21 May 202412:30 | – | githubexploit |
| Exploit for CVE-2024-29895 | 15 May 202413:11 | – | githubexploit |
| Exploit for CVE-2024-29895 | 16 May 202420:03 | – | githubexploit |
| Exploit for CVE-2024-29895 | 16 May 202406:29 | – | githubexploit |
 | CVE-2024-29895 Cacti command injection in cmd_realtime.php | 13 May 202414:33 | – | cvelist |
 | CVE-2024-29895 | 14 May 202415:17 | – | debiancve |
 | CVE-2024-29895 Cacti command injection in cmd_realtime.php | 13 May 202414:33 | – | vulnrichment |
 | CVE-2024-29895 | 14 May 202400:00 | – | ubuntucve |
 | Cacti cmd_realtime.php - Command Injection | 16 May 202411:45 | – | nuclei |
10
[
{
"vendor": "Cacti",
"product": "cacti",
"versions": [
{
"version": "= 1.3.x DEV",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| poller_id | query param | /cmd_realtime.php | A command injection vulnerability allows execution of arbitrary commands via the poller_id parameter sourced from user-controlled URL inputs. | CWE-77 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 May 2024 15:17Current
7.8High risk
Vulners AI Score7.8
CVSS310
EPSS0.00766
SSVC