15 matches found
📄 Cacti 1.2.26 Remote Code Execution
Cacti version 1.2.26 proof of concept remote code execution exploit. Exploit Title: Cacti 1.2.26 - Remote Code Execution RCE Authenticated Date: 06/01/2025 Exploit Author: D3Ext Vendor Homepage: https://cacti.net/ Software Link: https://github.com/Cacti/cacti/archive/refs/tags/release/1.2.26.zip...
Cacti 1.2.26 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Cacti 1.2.26 - Remote Code Execution RCE Authenticated Date: 06/01/2025 Exploit Author: D3Ext Vendor Homepage: https://cacti.net/ Software Link: https://github.com/Cacti/cacti/archive/refs/tags/release/1.2.26.zip Version: 1.2.26 Tested on: Kali Linux 2024 CVE: CVE-2024-25641...
Exploit for Improper Input Validation in Cacti
CVE-2024-25641 Exploit for Cacti 1.2.26 Exploiting CVE-2024-2...
Exploit for Improper Input Validation in Cacti
Cacti CVE-2024-25641: Proof of Concept for Authentication Pack...
[SECURITY] [DLA 3884-1] cacti security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3884-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 09, 2024 https://wiki.debian.org/LTS -...
openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2024:0274-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0274-1 advisory. - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when...
openSUSE Security Advisory (openSUSE-SU-2024:0274-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6969-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cacti Import Packages RCE
This exploit module leverages an arbitrary file write vulnerability CVE-2024-25641 in Cacti versions prior to 1.2.27 to achieve RCE. It abuses the Import Packages feature to upload a specially crafted package that embeds a PHP file. Cacti will extract this file to an accessible location. The modu...
Cacti Import Packages Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti Import Packages RCE', 'Description' = %q This exploit module leverages an arbitrary file write vulnerability CVE-2024-25641 in Cacti versio...
Fedora: Security Advisory (FEDORA-2024-27a594f71d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cacti 1.2.26 Remote Code Execution Vulnerability
---------------------------------------------------------------- Cacti = 1.2.26 import.php Remote Code Execution Vulnerability ---------------------------------------------------------------- - Software Link: https://cacti.net - Affected Versions: Version 1.2.26 and prior versions. - Vulnerabilit...
Cacti 1.2.26 Remote Code Execution
---------------------------------------------------------------- Cacti = 1.2.26 import.php Remote Code Execution Vulnerability ---------------------------------------------------------------- - Software Link: https://cacti.net - Affected Versions: Version 1.2.26 and prior versions. - Vulnerabilit...
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code. The most severe of the vulnerabilities are listed below - CVE-2024-25641 CVSS score:...
CVE-2024-25641
creationtimestamp| type| source ---|---|--- 2024-05-13 14:19:10+00:00| seen| https://t.me/HackingInsights/381 2024-05-14 14:27:54+00:00| seen| Telegram/mmbqk-FVHJnaVbo0loKJRZrYKTfO6mWdsWAPD9vTGJO-ys 2024-05-14 14:37:41+00:00| published-proof-of-concept| https://t.me/itsecnews/4427 2024-05-14...