Web: https://packetstormsecurity.com/files/170714/cacti_unauthenticated_cmd_injection.rb.txt

Jan. 24, 2023, 5:09 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user.

cacti command command injection injection

Penetration Testers - Red Team ICS/OT and Network Experience

@ Waterleaf International LLC | Florida

Chief Information Security Officer

@ Los Angeles Unified School District | Los Angeles

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Red Team Security Engineer

@ Keeper Security, Inc. | United States - Remote

2023 Security Operations Internship

@ Censys | Ann Arbor, Michigan, United States

Cloud Support Engineer - Security, WFH/In-Office, Mandarin Speaker

@ Amazon.com | Taipei City, TWN

SC2023-002701 IT Analyst- Cloud-Based Ext. Attack Surface Mgmt. (NS)- TUE 21 FEB

@ EMW, Inc. | Mons, Wallonia, Belgium

Cyber Security Consultant

@ Eurofins | Haarlem, Netherlands

Crisis & Cyber Security Management Senior Analyst

@ NielsenIQ | Madrid, Spain