CVE-2020-7237 — OS Command Injection in Cacti
Severity: 8.8 HIGH (NVD)
EPSS: 46.8% (top 2.32%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Jan 20
Latest update: May 24
Description
Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9
Affected Packages: 3 packages
Vulnerability Details
Vendor Advisories (2)
Debian (2020): CVE-2020-7237: cacti - Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacha...
Community (3)
Bugzilla (2020-02-04): CVE-2020-7237 cacti: remote code execution due to input validation in Performance Boost Debug Log
Bugzilla (2020-02-04): CVE-2020-7237 cacti: remote code execution due to input validation in Performance Boost Debug Log [fedora-all]
Bugzilla (2020-02-04): CVE-2020-7237 cacti: remote code execution due to input validation in Performance Boost Debug Log [epel-all]