The Cacti Group, Inc. Security Vulnerabilities

githubexploit

Exploit for Injection in Cacti

Sure! Here's a "dope" README.md for your PricklyPwn project:...

9.9AI Score

2023-09-10 05:00 PM
132
githubexploit

Exploit for CVE-2023-38831

CVE-2023-38831 PoC (Proof Of Concept) This is an easy to use...

7.8CVSS

8.3AI Score

0.192EPSS

2023-08-28 04:56 AM
249
nessus

Cacti < 0.8.6f Authentication Bypass Vulnerability

The Cacti application running on the remote web server is affected by an authentication bypass...

6.7AI Score

0.03EPSS

2005-07-05 12:00 AM
15
nessus

Cacti Local File Inclusion Vulnerability

The Cacti application running on the remote web server is affected by a local file inclusion vulnerability due to improperly validating user-supplied input to the 'config[include_path]' parameter in 'config_settings.php'. A remote attacker can exploit this to execute arbitrary PHP...

6.9AI Score

0.05EPSS

2005-06-22 12:00 AM
19
nessus

AD Starter Scan - Primary Group ID integrity

Groups are the standard way of providing access to resources in an environment. Therefore group membership should be treated with utmost care. A less known Active Directory feature can be used for the same purpose: Primary Group ID. This is a mechanism that was created to support legacy UNIX...

6.8AI Score

2021-07-29 12:00 AM
34
cisco

Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....

7.3AI Score

0.0004EPSS

2024-05-22 04:00 PM
3
cve

CVE-2006-5435

PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before...

7.9AI Score

0.008EPSS

2006-10-20 11:07 PM
22
openbugbounty

inc-conso.fr Cross Site Scripting vulnerability OBB-3872425

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-03-14 02:53 PM
8
cve

CVE-2007-1695

PHP remote file inclusion vulnerability in includes/usercp_register.php in phpBB 2.0.19 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue has been disputed by third-party researchers, stating that the file checks for a global...

7.5AI Score

0.006EPSS

2007-03-27 01:19 AM
21
cve

CVE-2020-7058

data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -> Data Input Methods -> Unix -> Ping Host. NOTE: the vendor has stated "This is a false...

8.8CVSS

8.8AI Score

0.005EPSS

2020-01-15 07:15 AM
75
githubexploit

Exploit for CVE-2024-29895

Cacti RCE - CVE-2024-29895 Usage: `python3...

10CVSS

6.8AI Score

0.001EPSS

2024-05-16 08:03 PM
162
nessus

Cacti < 0.8.8b Command and SQL Injections

According to its self-reported version number, the Cacti application running on the remote web server is prior to version 0.8.8b. It is, therefore, potentially affected by command injection and SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input to.....

9.5AI Score

0.013EPSS

2013-08-12 12:00 AM
51
github

Plone allows a user to masquerade as a group

Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a...

7AI Score

0.003EPSS

2022-05-01 07:16 AM
3
cve

CVE-2008-6225

SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false...

8.7AI Score

0.007EPSS

2009-02-20 11:30 PM
28
nessus

Cacti < 0.8.7f Multiple Input Validation Vulnerabilities

According to its self-reported version number, the Cacti application running on the remote web server is prior to version 0.8.7f. It is, therefore, potentially affected by the following vulnerabilities : A vulnerability exists in 'templates_export.php' due to improper validation of input to...

7.1AI Score

0.006EPSS

2010-05-04 12:00 AM
21
githubexploit

Exploit for Use After Free in Linux Linux Kernel

CVE-2022-2586-LPE LPE N-day Exploit for...

7.8CVSS

7.2AI Score

0.01EPSS

2022-09-03 07:04 PM
1108
githubexploit

Exploit for CVE-2024-29895

CVE-2024-29895 Cacti CVE-2024-29895 POC A command injection...

10CVSS

8.6AI Score

0.001EPSS

2024-05-16 06:29 AM
177
krebs

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...

7.8AI Score

2024-06-15 11:40 PM
21
osv

Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication in github.com/rancher/rancher

Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication in...

8.8CVSS

8.8AI Score

0.001EPSS

2024-06-05 03:10 PM
5
openbugbounty

next-group-hd.co.jp Cross Site Scripting vulnerability OBB-3914054

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-11 04:55 AM
4
cve

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an...

5.9CVSS

5.7AI Score

0.008EPSS

2018-05-16 07:29 PM
46
nessus

Debian DLA-1757-1 : cacti security update

It was discovered that there were a number of cross-site scripting vulnerabilities (XSS) in cacti, a web-based front-end for the RRDTool monitoring tool. For Debian 8 'Jessie', this issue has been fixed in cacti version 0.8.8b+dfsg-8+deb8u7. We recommend that you upgrade your cacti packages. NOTE:....

5.4CVSS

5.9AI Score

0.001EPSS

2019-04-17 12:00 AM
12
openvas

Fedora: Security Advisory for cacti (FEDORA-2024-27a594f71d)

The remote host is missing an update for...

9.1CVSS

6.2AI Score

0.002EPSS

2024-06-07 12:00 AM
1
cvelist

CVE-2024-0552 Intumit inc. SmartRobot - Remote Code Execution

Intumit inc. SmartRobot's web framework has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arbitrary commands on the remote...

9.8CVSS

10AI Score

0.002EPSS

2024-01-15 04:03 AM
3
nessus

Cacti < 0.8.7g Multiple XSS and HTML Injection Vulnerabilities

According to its self-reported version number, the Cacti application running on the remote web server is prior to version 0.8.7g. It is, therefore, potentially affected by multiple cross-site scripting and HTML injection vulnerabilities. An attacker may be able to exploit these issues to inject...

6.3AI Score

0.023EPSS

2012-01-20 12:00 AM
20
osv

gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect results

Impact When the exponent is bigger than r, the group order of the pairing target group GT, the exponentiation à la GLV (ExpGLV) can sometimes give incorrect results compared to normal exponentiation (Exp). The issue impacts all users using ExpGLV for exponentiations in GT. This does not impact...

6.8AI Score

2023-10-05 08:57 PM
19
cvelist

CVE-2024-29895 Cacti command injection in cmd_realtime.php

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id...

10CVSS

10AI Score

0.001EPSS

2024-05-13 02:33 PM
2
vulnrichment

CVE-2024-30268 Cacti XSS vulnerability in display_settings

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit...

6.1CVSS

5.9AI Score

0.0004EPSS

2024-05-13 02:56 PM
cvelist

CVE-2024-30268 Cacti XSS vulnerability in display_settings

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit...

6.1CVSS

6AI Score

0.0004EPSS

2024-05-13 02:56 PM
hackread

Chinese ‘Smishing Triad’ Group Targets Pakistanis with SMS Phishing

Protect yourself from Smishing attacks in Pakistan! Smishing Triad, a notorious cybercriminal group, is targeting Pakistani bank customers with fake Pakistan Post messages. Learn how to identify and avoid these scams to protect your financial...

7.2AI Score

2024-06-13 04:44 PM
6
vulnrichment

CVE-2024-29895 Cacti command injection in cmd_realtime.php

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id...

10CVSS

8.1AI Score

0.001EPSS

2024-05-13 02:33 PM
2
hackread

ViLe Cybercrime Group Members Plead Guilty to Hacking DEA Portal

"ViLe" Hackers Busted! Two men plead guilty to breaching a federal law enforcement portal. Learn about the dangers of cybercrime, doxxing, and how authorities are working to combat these threats. This case highlights the importance of cybersecurity for law enforcement and the consequences for...

7.2AI Score

2024-06-19 05:38 PM
6
wpvulndb

ProfileGrid < 5.8.3 - Bypass Group Members Limit

Description The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to group limit bypass in all versions up to, and including, 5.8.2. This is due to the plugin not properly verifying the limits of a group before adding a member. This makes it...

4.3CVSS

6.8AI Score

0.0004EPSS

2024-05-03 12:00 AM
4
tibco

TIBCO Security Advisory: June 11, 2024 - TIBCO EBX - CVE-2024-4576

TIBCO EBX File Inclusion Vulnerability Original release date: June 11, 2024 Last revised: June 12, 2024 CVE-2024-4576 Source: TIBCO Software Inc. Products Affected TIBCO EBX versions 5.9.25 and below TIBCO EBX versions 6.1.3 HF2 and below Component affected: EBX Add-ons Description The...

6.6AI Score

0.0004EPSS

2024-06-11 04:55 PM
2
hackread

Chinese Espionage Group “ChamelGang” Uses Attacks for Disruption and Data Theft

Beware! Chinese cyberespionage group ChamelGang targets critical infrastructure like aviation and government systems. SentinelOne report reveals potential attacks across Asia. Learn more about ChamelGang's cyberespionage...

7.3AI Score

2024-06-26 11:05 PM
5
openvas

Fedora: Security Advisory for cacti-spine (FEDORA-2024-27a594f71d)

The remote host is missing an update for...

9.1CVSS

6.2AI Score

0.002EPSS

2024-06-07 12:00 AM
1
githubexploit

Exploit for CVE-2024-5522

CVE-2024-5522-Poc CVE-2024-5522 HTML5 Video Player <=...

8.2AI Score

0.0004EPSS

2024-05-31 04:41 AM
251
vulnrichment

CVE-2024-34029 AD/LDAP Group Members Leak

Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1 and 8.1.x <= 8.1.12 fail to perform a proper authorization check in the /api/v4/groups//channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if...

4.3CVSS

6.8AI Score

0.0004EPSS

2024-05-26 01:27 PM
1
cvelist

CVE-2024-34029 AD/LDAP Group Members Leak

Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1 and 8.1.x <= 8.1.12 fail to perform a proper authorization check in the /api/v4/groups//channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if...

4.3CVSS

4.5AI Score

0.0004EPSS

2024-05-26 01:27 PM
2
schneier

IBM Sells Cybersecurity Group

IBM is selling its QRadar product suite to Palo Alto Networks, for an undisclosed--but probably surprisingly small--sum. I have a personal connection to this. In 2016, IBM bought Resilient Systems, the startup I was a part of. It became part of IBM's cybersecurity offerings, mostly and weirdly...

7AI Score

2024-05-20 11:04 AM
5
cvelist

7CVSS

7.9AI Score

0.0005EPSS

2024-01-09 05:56 PM
1
metasploit

Misconfigured Certificate Template Finder

This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used to enroll in that certificate template. Additionally the module will also print out a...

7.1AI Score

2022-11-04 08:44 PM
266
talosblog

SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques

Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023. In the newly discovered campaign, we observed a wider scope of targets spread across countries in EMEA and Asia, compared with previous...

7AI Score

2024-06-21 12:00 PM
5
osv

CVE-2023-1801

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network...

6.5CVSS

6.6AI Score

0.002EPSS

2023-04-07 09:15 PM
6
githubexploit

Exploit for CVE-2023-38831

VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC This is my...

7.8CVSS

8.2AI Score

0.192EPSS

2024-04-01 03:59 PM
95
wpvulndb

Happy Addons for Elementor < 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget

Description The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group widget in all versions up to, and including, 3.10.7 due to insufficient input sanitization and output escaping on user supplied 'tooltip_position' attribute. This.....

6.4CVSS

5.8AI Score

0.001EPSS

2024-05-17 12:00 AM
2
veeam

Linux Hardened Repository Unable to Update Immutability or Remove Restore Points due to SGID

Due to the SGID bit, all files created within this directory inherit the directory's group ownership. This conflicts with the verification routine in VBR that ensures the .veeam.lock file belongs to the root user and root...

7.1AI Score

2024-06-21 12:00 AM
githubexploit

Exploit for OS Command Injection in Gitlab

CVE-2022-2185 wo ee cve-2022-2185 gitlab authenticated rce...

9.9CVSS

8.5AI Score

0.455EPSS

2022-07-29 11:14 AM
339
packetstorm

7.4AI Score

2024-06-06 12:00 AM
81
github

Paste Script has improper group memberships permissions

Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local...

6.8AI Score

0.045EPSS

2022-05-17 05:12 AM
1
Total number of security vulnerabilities: 340158