Описание
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.1.38+ds1-1 |
| cosmic | not-affected | 1.1.38+ds1-1 |
| devel | not-affected | 1.1.38+ds1-1 |
| esm-apps/bionic | not-affected | 1.1.38+ds1-1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | not-affected | code not present |
Показывать по
9 Critical
CVSS2
7.2 High
CVSS3
Связанные уязвимости
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
Cacti 1.1.27 allows remote authenticated administrators to conduct Rem ...
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
9 Critical
CVSS2
7.2 High
CVSS3