graph_realtime.php in Cacti 1.2.8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cacti cacti 1.2.8 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
opmantek open-audit 3.3.1 |
||
opensuse suse_package_hub |
||
debian debian linux 10.0 |