RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability

RaXnet Cacti Graph_Image.PHP Remote Command Execution Vulnerability

Cacti is prone to a remote command execution vulnerability.

User-supplied input to the 'graph_image.php' script is not properly sanitized and allows attackers to execute arbitrary commands in the context of the server.

This can facilitate various attacks including unauthorized access to an affected computer.

Cacti 0.8.6d and prior versions are reportedly affected.