all InfoSec news
Metasploit Weekly Wrap-Up
Rapid7 Blog blog.rapid7.com
Cacti Unauthenticated Command Injection
Thanks to community contributor Erik Wynter, Metasploit Framework now has an exploit module for an unauthenticated command injection vulnerability in the Cacti network-monitoring software. The vulnerability is due to a proc_open() call that accepts unsanitized user input in remote_agent.php. Provided that the target
cacti call command command injection community exploit framework injection input metasploit metasploit framework metasploit weekly wrapup monitoring monitoring software network php software target vulnerability weekly wrap-up