SUSE CVE-2022-46169

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

Cacti 1.2.22 Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user. This module requires Metasploit: https://metasploit.com/download Current source:...

Cacti 1.2.22 unauthenticated command injection

This module exploits an unauthenticated command injection vulnerability in Cacti through 1.2.22 CVE-2022-46169 in order to achieve unauthenticated remote code execution as the www-data user. The module first attempts to obtain the Cacti version to see if the target is affected. If LOCALDATAID...

Cacti 1.2.22 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti 1.2.22 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...

Vulnerability fixed in Cacti

Vulnerabilities have been fixed in Cacti. The vulnerabilities allow a malicious party to access system data and to execute arbitrary code under the user's privileges. An unauthenticated malicious party can gain access to the remoteagent.php file. By bypassing the authentication of this file...

PT-2022-6138

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.23 Description A command injection vulnerability in Cacti allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The...