39 matches found
Cacti v1.2.8 - Remote Code Execution
Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...
Linux Distros Unpatched Vulnerability : CVE-2020-8813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - graphrealtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph...
[SECURITY] [DLA 3252-1] cacti security update
Debian LTS Advisory DLA-3252-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2022 https://wiki.debian.org/LTS Package : cacti Version : 1.2.2+ds1-2+deb10u5 CVE ID : CVE-2020-8813 CVE-2020-23226 CVE-2020-25706 CVE-2022-0730 CVE-2022-46169 Debian Bug :...
CVE-2020-8813
creationtimestamp| type| source ---|---|--- 2021-09-21 06:42:47+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/176 2023-11-17 03:11:13+00:00| seen| https://t.me/arpsyndicate/186 2024-09-21 16:06:46+00:00| published-proof-of-concept| https://t.me/realLulzSec/2034 2024-09-21...
VulnCheck KEV: CVE-2020-8813
graphrealtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege...
Exploit for OS Command Injection in Cacti
CVE-2020-8813 Cacti v1.2.8 Unauthenticated Remote Code Executi...
Exploit for OS Command Injection in Cacti
Cacti-CVE-2020-8813 Usage: cactirce.py options Op...
Open-AudIT Professional 3.3.1 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-558)
This update for cacti, cacti-spine to version 1.2.11 fixes the following issues : This update is fixing multiple vulnerabilities and adding bug fixes. For more details consult the changes file. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Open-AudIT Professional 3.3.1 - Remote Code Execution
Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Date: 2020-04-22 Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings import random...
openSUSE: Security Advisory for cacti, (openSUSE-SU-2020:0558-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD : cacti -- multiple vulnerabilities (e2b564fc-7462-11ea-af63-38d547003487)
The Cacti developers reports : When guest users have access to realtime graphs, remote code could be executed CVE-2020-8813. Lack of escaping on some pages can lead to XSS exposure CVE-2020-7106. Remote Code Execution due to input validation failure in Performance Boost Debug Log CVE-2020-7237. C...
Cacti Remote Code Execution (CVE-2020-8813)
A remote code execution vulnerability exists in Cacti. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Fedora: Security Advisory for cacti (FEDORA-2020-d6a9e27bb1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : cacti / cacti-spine (2020-10fe60d68b)
Update to 1.2.10 - CVE-2020-8813 Release notes: https://www.cacti.net/releasenotes.php?version=1.2.10 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...
Fedora: Security Advisory for cacti-spine (FEDORA-2020-552e4e7879)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for cacti (FEDORA-2020-552e4e7879)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cacti 1.2.8 Unauthenticated Remote Code Execution
Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...
Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)
Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module...
Cacti v1.2.8 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit:...