CVE-2017-16641

Опубликовано: 07 нояб. 2017

Источник: nvd

CVSS3: 7.2

CVSS2: 9

EPSS Низкий

Описание

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

Ссылки

https://github.com/Cacti/cacti/issues/1057
Exploit
Issue Tracking
Patch
https://github.com/Cacti/cacti/issues/1057
Exploit
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00465

Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

CVE-2017-16641

CVSS3: 7.2

ubuntu

около 8 лет назад

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

CVE-2017-16641

CVSS3: 7.2

debian

около 8 лет назад

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...

GHSA-h5hf-99mp-vqgm

CVSS3: 7.2

github

больше 3 лет назад

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

openSUSE-SU-2017:3051-1

suse-cvrf

около 8 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 64%

0.00465

Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78