⚠ Exploited in the wild

Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2020-8813 — OS Command Injection in Cacti

CWE-78 — OS Command Injection17 documents9 sources

Severity

8.8HIGHNVD

EPSS

93.9%

top 0.12%

CISA KEV

Not in KEV

Exploit

Exploited in wild

Active exploitation observed

Affected products

Cacti Debian Cacti Debian Linux +2 more

Timeline

PublishedFeb 22

Latest updateMay 24

Description

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/cacti< cacti 1.2.10+ds1-1 (bookworm)

▶Debiancacti/cacti< 1.2.10+ds1-1+3

▶NVDcacti/cacti1.2.8

▶NVDopmantek/open-audit3.3.1

Also affects: Debian Linux 10.0, Fedora 30, 31, 32

🔴Vulnerability Details

GHSA

GHSA-gg99-fwr4-rcj9: graph_realtime↗2022-05-24

▶

OSV

CVE-2020-8813: graph_realtime↗2020-02-22

▶

VulnCheck

Cacti Cacti Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')↗2020

▶

💥Exploits & PoCs

Exploit-DB

Open-AudIT Professional 3.3.1 - Remote Code Execution↗2020-04-29

▶

Exploit-DB

Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)↗2020-03-02

▶

Exploit-DB

Cacti 1.2.8 - Remote Code Execution↗2020-02-24

▶

Exploit-DB

Cacti 1.2.8 - Authenticated Remote Code Execution↗2020-02-03

▶

Exploit-DB

Cacti 1.2.8 - Unauthenticated Remote Code Execution↗2020-02-03

▶

📋Vendor Advisories

Debian

CVE-2020-8813: cacti - graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary O...↗2020

▶

🕵️Threat Intelligence

Unit42

Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes↗2021-10-14

▶

Unit42

Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes↗2021-10-14

▶

💬Community

Bugzilla

CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting↗2020-09-07

▶

Bugzilla

CVE-2020-8813 cacti: remote code can be executed when guest users have access to realtime graphs [epel-all]↗2020-03-04

▶

Bugzilla

CVE-2020-8813 cacti: remote code can be executed when guest users have access to realtime graphs [fedora-all]↗2020-03-04

▶

Bugzilla

CVE-2020-8813 cacti: remote code can be executed when guest users have access to realtime graphs↗2020-03-04

▶