Cacti vulnerability list
24 vulnerabilities related to Cacti found
CVE-2022-46169: Cacti remote_agent.php remote command execution vulnerability POC
Cacti is a server monitoring and management platform. Versions 1.2.17 through 1.2.22 contain a command injection vulnerability: an attacker can bypass the server-side check via the X-Forwarded-For request header and execute arbitrary commands there. app="Cacti-监控系统"
CVE-2020-8813: Cacti v1.2.8 - Remote Code Execution POC
Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled.
CVE-2021-26247: Cacti - Cross-Site Scripting POC
Cacti contains a cross-site scripting vulnerability via "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" which can successfully execute the JavaScript payload present in the "ref" URL parameter.
CVE-2022-46169: Cacti <=1.2.22 - Remote Command Injection POC
Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
CVE-2023-30534: Cacti < 1.2.25 Insecure Deserialization POC
Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24.
CVE-2023-39361: Cacti 1.2.24 - SQL Injection POC
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-29895: Cacti cmd_realtime.php - Command Injection POC
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when the `register_argc_argv` option of PHP is `On`. This option is `On` by default in many environments, such as the main PHP Docker image.
Cacti cmd_realtime CVE-2024-29895 command injection vulnerability No POC
Cacti is a network traffic monitoring and graphing tool built on PHP, MySQL, SNMP and RRDTool. Cacti has a command injection vulnerability caused by improper validation of user requests in the cmd_realtime.php interface.
Cacti CVE-2024-25641 arbitrary file write vulnerability No POC
Cacti has an arbitrary file write vulnerability caused by import.php failing to validate packages imported by the user.
Cacti weak password vulnerability No POC
A weak password vulnerability means the system uses simple, easily guessed or common passwords, allowing an attacker to obtain account privileges by guessing or brute force and then access or control the affected system's resources. This type of vulnerability usually results from the lack of an effective password policy or from users' neglect of security awareness.
Cacti spikekill.php cross-site scripting vulnerability No POC
Cacti contains a cross-site scripting vulnerability caused by spikekill.php failing to properly validate user-supplied input.
Cacti managers.php CVE-2023-51448 SQL injection vulnerability No POC
Cacti is an open-source network traffic monitoring and analysis tool from the Cacti team. Cacti has a SQL injection vulnerability caused by improper validation of user requests in the managers.php interface.
Cacti Group Cacti sql_save SQL injection vulnerability No POC
Cacti is an open-source network traffic monitoring and analysis tool that contains a SQL injection vulnerability, caused by insufficient validation of user-supplied input when the sql_save function is called.
Cacti remote_agent.php command execution vulnerability No POC
Cacti CVE-2023-39362 command injection vulnerability No POC
Cacti CVE-2023-39361 SQL injection vulnerability No POC
Cacti pollers.php SQL injection vulnerability No POC
Cacti SQL injection vulnerability (CVE-2023-39361) No POC
Cacti is an open-source graphical network monitoring tool that collects performance metrics from network devices via SNMP, such as CPU utilization, memory usage and network traffic, and displays them as graphs so administrators can monitor and analyze them in real time. graph_view.php contains a SQL injection vulnerability; an attacker can exploit it without authorization by constructing malicious data to perform SQL injection, ultimately leaking sensitive server information and potentially leading to remote code execution.
Cacti Reports Creation anonymous account remote command execution vulnerability No POC
Cacti has a Reports Creation anonymous account remote command execution vulnerability; affected versions: version <= 1.2.24. Exploitation requires anonymous access to be enabled and the anonymous account to hold the ReportsCreation permission.
Cacti command injection vulnerability (CVE-2022-46169) No POC
Cacti is an open-source network traffic monitoring and analysis tool from the Cacti team. It collects data via snmpget, draws graphs with RRDtool for analysis, and provides data and user management functions. Cacti v1.2.22 contains a command injection vulnerability; the flaw is an unauthenticated command injection that allows unauthenticated users to execute arbitrary code on the server running Cacti.
Cacti weathermap plugin arbitrary file upload vulnerability No POC
The Cacti weathermap plugin has an arbitrary file upload vulnerability.
浙大恩特 CrmBasicAction.entcrm arbitrary file upload No POC
Hangzhou Enruan Information Technology Co., Ltd. (浙大恩特) provides foreign-trade management software and foreign-trade customer management software, and is a comprehensive company focused on foreign-trade customer resource management and order management products and services. The company's 浙大恩特 CRM has an arbitrary file upload vulnerability through which an attacker can gain control of the server.
CactiEZ information disclosure No POC
CactiEZ Chinese edition is a server and network monitoring tool. The CactiEZ mobile edition has an information disclosure vulnerability that exposes sensitive information.
cacti weathermap plugin - arbitrary file upload No POC
[Affected product] Cacti [Vulnerability description] The Cacti weathermap plugin has an arbitrary file upload vulnerability.