It indicates a possible exploit of remote file inclusion vulnerability in Cacti software.
Cacti is a front-end application to RRDTool (Round Robin Database), it stores all of the necessary information to create graphs and populate them with data in a MySQL database. A vulnerability is reported in it that may allow an attacker to include PHP code and execute on the vulnerable system. This is due to application failure to properly sanitize config[include_path] parameters value passed to config_setting.php. An attacker may include PHP code in the config[include_path] parameters in a HTTP request and run it on the affected system with web server privilege, leading to shell access and compromise of the affected system.
Raxnet Cacti 0.8.6 d and earlier versions.
Compromise of the affected system.
Upgrade to Raxnet Cacti 0.8.6 e or later version.