Total vulnerabilities in the database
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
Software | From | Fixed in |
---|---|---|
cacti / cacti | 1.2.8 | 1.2.8.x |
fedoraproject / fedora | 30 | 30.x |
fedoraproject / fedora | 31 | 31.x |
fedoraproject / fedora | 32 | 32.x |
opmantek / open-audit | 3.3.1 | 3.3.1.x |
opensuse / suse_package_hub | - | - |
debian / debian_linux | 10.0 | 10.0.x |