graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.
ddfd448fc925b28a03aaba73be8f9999625bb6879802ec1b4e35f2eeef4e1d87
© 2022 Packet Storm. All rights reserved.