Arus Balik

BugTraq ID: 21799
Remote: Yes
Last Updated: 2007-01-30
Relevant URL: http://www.securityfocus.com/bid/21799
Summary:
Cacti is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input to the ‘cmd.php’ script.

Exploiting this issue allows attackers to execute arbitrary commands in the context of the server.

A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.

Cacti 0.8.6i and prior versions are reportedly affected.