Cacti CMD.PHP Remote Command Execution Vulnerability

Cacti CMD.PHP Remote Command Execution Vulnerability

Cacti is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input to the 'cmd.php' script.

Exploiting this issue allows attackers to execute arbitrary commands in the context of the server.

A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.

Cacti 0.8.6i and prior versions are reportedly affected.