module
Cacti RCE via SQLi in pollers.php
| Disclosed |
|---|
| Dec 20, 2023 |
Disclosed
Dec 20, 2023
Description
This exploit module leverages a SQLi (CVE-2023-49085) and a LFI
(CVE-2023-49084) vulnerability in Cacti versions prior to 1.2.26 to
achieve RCE. Authentication is needed and the account must have access
to the vulnerable PHP script (`pollers.php`). This is granted by
setting the `Sites/Devices/Data` permission in the `General
Administration` section.
(CVE-2023-49084) vulnerability in Cacti versions prior to 1.2.26 to
achieve RCE. Authentication is needed and the account must have access
to the vulnerable PHP script (`pollers.php`). This is granted by
setting the `Sites/Devices/Data` permission in the `General
Administration` section.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.