2 matches found
CVE-2024-45598 Cacti has a Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path
Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the Poller Standard Error Log Path parameter in either Installation Step 5 or in Configuration-Settings-Paths tab to a local file inside the server. Then simply going to Logs tab and...
CVE-2024-45598
CVE-2024-45598 affects Cacti prior to version 1.2.29. An administrator can set Poller Standard Error Log Path to a local server file, and from the Logs UI reveal the file’s contents. Affected component: Cacti Poller/Settings path handling. Impact: potential exposure of local file contents via the...