Published: 22/02/2020 Updated: 07/11/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 942

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

graph_realtime.php in Cacti 1.2.8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cacti cacti 1.2.8
fedoraproject fedora 30
fedoraproject fedora 31
fedoraproject fedora 32
opmantek open-audit 3.3.1
opensuse suse_package_hub
debian debian linux 10.0

Debian Bug report logs - #951832 cacti: CVE-2020-8813 Package: src:cacti; Maintainer for src:cacti is Cacti Maintainer <pkg-cacti-maint@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 22 Feb 2020 09:21:01 UTC Severity: grave Tags: security, upstream Found in version cacti/1 ...

#!/usr/bin/python3 # Exploit Title: Cacti v128 Remote Code Execution # Date: 03/02/2020 # Exploit Author: Askar (@mohammadaskar2) # CVE: CVE-2020-8813 # Vendor Homepage: cactinet/ # Version: v128 # Tested on: CentOS 73 / PHP 7133 import requests import sys import warnings from bs4 import BeautifulSoup from urllibparse import quot ...

#!/usr/bin/python3 # Exploit Title: Cacti v128 Unauthenticated Remote Code Execution # Date: 03/02/2020 # Exploit Author: Askar (@mohammadaskar2) # CVE: CVE-2020-8813 # Vendor Homepage: cactinet/ # Version: v128 # Tested on: CentOS 73 / PHP 7133 import requests import sys import warnings from bs4 import BeautifulSoup from urllibp ...

Cacti version 128 suffers from an unauthenticated remote code execution vulnerability ...

graph_realtimephp in Cacti 128 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege ...

Cacti version 128 suffers from an authenticated remote code execution vulnerability ...

Open-AudIT Professional version 331 suffers from a remote code execution vulnerability ...

Cacti-CVE-2020-8813 Usage: cacti_rcepy [options] Options: -h, --help show this help message and exit -u URL, --url=URL [ Required ] target URL eg: Cacti/ -l LHOST, --lhost=LHOST [ Required ] Attacker IP addr -p LPORT, --lport=LPORT [ Default 443 ] Attacker IP Port

CVE-2020-8813 - RCE through graph_realtime.php in Cacti 1.2.8

CVE-2020-8813 - RCE through graph_realtimephp in Cacti 128 Features [x] Description graph_realtimephp in Cacti 128 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege Usage $ /CVE-2020-8813py -h PoC of CVE-2020-8813 - RCE through graph_realtimephp in Cacti 128 - by @podali

InfosecBookmarks Organizando os bookmarks que acumulei no Chrome Bug Bounty Methodology WebHacking Recon Tools Awesome Lists Bugs Finding Subdomain Takeover Finding Race Conditions Finding Open Redirections Finding XXE Finding RCE Finding SSRF Finding XSS Finding CSRF Finding SQLi Finding IDOR Mobile Tools CheatSheet Mobile Writeups API Test Labs WriteUps Subdomain

The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813

CVE-2020-8813 The official exploit for Cacti v128 Remote Code Execution CVE-2020-8813 Cacti v128 Pre-Auth Remote Code Execution Cacti v128 Post-Auth Remote Code Execution

Cacti v1.2.8 Unauthenticated Remote Code Execution

CVE-2020-8813 Cacti v128 Unauthenticated Remote Code Execution Uses Python 3 Running without Docker: git clone githubcom/hexcowboy/CVE-2020-8813git && cd CVE-2020-8813 python3 -m venv env && source env/bin/activate pip install -r requirementstxt python exploitpy Running with Docker: git clone h

CWE-78 https://github.com/Cacti/cacti/releases https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129 https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/https://github.com/Cacti/cacti/issues/3285 http://packetstormsecurity.com/files/156538/Cacti-1.2.8-Authenticated-Remote-Code-Execution.html http://packetstormsecurity.com/files/156537/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html http://packetstormsecurity.com/files/156593/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html https://security.gentoo.org/glsa/202004-16 https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M77SS33IDVNGBU566TK2XVULPW3RXUQ4/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEMDQXDRNQYXOME7TACKDVCXZXZNGZE2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAX3LDXPIKWNBGVZSIMZV7LI5K6BZRTO/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951832 https://nvd.nist.gov https://github.com/p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime https://www.exploit-db.com/exploits/48144

CVE-2020-8813

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect