logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2014-5261

Description

The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.


Affected Package


OS OS Version Package Name Package Version
Debian 12 cacti 1.2.22+ds1-2
Debian 11 cacti 1.2.16+ds1-2
Debian 10 cacti 1.2.2+ds1-2+deb10u4
Debian 999 cacti 1.2.22+ds1-2

Related