Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-10004OS Command Injection in IAN Berry Cacti

CWE-78OS Command Injection22 documents7 sources
Severity
8.7HIGHNVD
EPSS
54.0%
top 1.98%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Raxnet IAN Berry CactiCactiDebian Cacti
Timeline
PublishedAug 30
Latest updateDec 26

Description

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

NVDcacti/cacti< 0.8.6d
debiandebian/cacti< cacti 0.8.6d-1 (bookworm)
CVEListV5raxnet/ian_berry_cacti*0.8.6-d
Debiancacti/cacti< 0.8.6d-1+3

🔴Vulnerability Details

2
GHSA
GHSA-h78q-4j5r-86xx: Cacti versions prior to 02025-12-26
OSV
CVE-2005-10004: Cacti versions prior to 02025-08-30

💥Exploits & PoCs

17
Exploit-DB
BZFlag 2.0.4 - undelimited string Denial of Service2005-12-27
Exploit-DB
Battle Carry .005 Socket Termination - Denial of Service2005-11-02
Exploit-DB
Glider collectn kill 1.0.0.0 - Buffer Overflow (PoC)2005-11-02
Exploit-DB
FlatFrag 0.3 - Buffer Overflow (Denial of Service) (PoC)2005-11-02
Exploit-DB
GO-Global Windows Clients 3.1.0.3270 - Buffer Overflow (PoC)2005-11-02

📋Vendor Advisories

1
Debian
CVE-2005-10004: cacti - Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability...2005

🕵️Threat Intelligence

1
Wiz
CVE-2025-45160 Impact, Exploitability, and Mitigation Steps | Wiz