Cacti 1.3.x-DEV Remote Code Execution

Cacti version 1.3.x-DEV suffer from an unauthenticated remote code execution vulnerability. An attacker can exploit this issue by sending a specially crafted HTTP request to the affected application. A successful exploit could allow the attacker to execute arbitrary code on the target system. No...

PT-2024-3456 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: Cacti versions 1.3.x Description: A command injection vulnerability allows any unauthenticated user to execute arbitrary commands on the server when the register argc argv option of PHP is On. The vulnerability is located in cmd realtime.php...