RaXnet.Cacti.GraphImage.PHP.Remote.Command.Execution

Description

This indicates a possible exploit of a Remote Command Execution vulnerability in Raxnet's Cacti software.
A vulnerability has been reported in Cacti that may allow an attacker to execute shell commands on a vulnerable system. This is possible because the user input filters fail to properly sanitize the graph_start parameter value that is passed to graph_image.php and graph.php. An attacker may include shell commands by supplying an injection string through the URL and a valid string through POST or a cookie.
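The check below is an added example, not part of the original advisory or of Cacti's code: it flags requests to graph_image.php or graph.php where graph_start is non-numeric or arrives from more than one source (URL, POST body, cookie), which is the mismatch the description relies on. It assumes graph_start should be an integer timestamp or offset; the function names and sample requests are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

TARGETS = {"graph_image.php", "graph.php"}  # scripts named in the advisory
PARAM = "graph_start"
INT_RE = re.compile(r"-?\d{1,12}")  # assumption: integer timestamp or offset


def graph_start_values(url, body="", cookie=""):
    """Collect every graph_start value, keyed by where it was supplied."""
    found = {}
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if PARAM in query:
        found["url"] = query[PARAM]
    form = parse_qs(body, keep_blank_values=True)
    if PARAM in form:
        found["post"] = form[PARAM]
    for part in cookie.split(";"):
        name, _, value = part.strip().partition("=")
        if name == PARAM:
            found.setdefault("cookie", []).append(unquote(value))
    return found


def inspect_request(url, body="", cookie=""):
    """Return findings for one request; an empty list means nothing flagged."""
    if urlsplit(url).path.rsplit("/", 1)[-1] not in TARGETS:
        return []
    values = graph_start_values(url, body, cookie)
    findings = [f"non-numeric {PARAM} in {src}"
                for src, vals in values.items()
                for v in vals if not INT_RE.fullmatch(v)]
    if len(values) > 1:
        findings.append(f"{PARAM} supplied via " + "+".join(values))
    return findings


# Constructed sample requests: (url, POST body, Cookie header)
SAMPLES = [
    ("/cacti/graph_image.php?graph_start=1700000000", "", ""),
    ("/cacti/graph_image.php?graph_start=1%3BNOT_A_NUMBER",
     "graph_start=1700000000", ""),
    ("/cacti/graph.php?graph_start=-86400", "", "graph_start=1700000000"),
]

if __name__ == "__main__":
    for url, body, cookie in SAMPLES:
        print(url, "->", inspect_request(url, body, cookie) or "ok")
```

The multiple-source finding fires even when every copy is numeric, because a filter that validates one copy while the application uses another is the condition worth reviewing.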

Affected Products

Raxnet Cacti 0.8.6e and earlier versions.
Raxnet Cacti 0.8.6i, 0.8.6j
Mandriva, Corporate Server 4.0
Mandriva, Corporate Server 4.0/X86_64

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Raxnet Cacti 0.8.6f or a later version from the following URL:
http://www.cacti.net/download_cacti.php

Coverage

IPS (Regular DB)
IPS (Extended DB)