CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds

Stuub/CVE-2024-29895-CactiRCE-PoC

Cacti RCE - CVE-2024-29895

Usage:

python3 cve-2024-29895.py -u https://target.com/ -c id

Affects Cacti 1.3.X DEV builds where cmd_realtime.php is present and POLLER_ID is enabled.

Command injection is possible via this endpoint by sending a GET request with the payload in the URL query parameters.
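For defenders, one way to spot this traffic is to scan web server access logs for requests to cmd_realtime.php, ranking those that carry query parameters higher. This is an added example, not part of the PoC repository; the combined log format, the severity labels, the metacharacter set and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Client, method, request target and status of a combined-format access log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')
# Characters a shell treats specially (assumed set; tune for your environment).
SHELL_META = set(";|&`$()<>\n")
ENDPOINT = "cmd_realtime.php"


def inspect_line(line):
    """Return a finding dict for a request to cmd_realtime.php, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, method, target, status = m.groups()
    parts = urlsplit(target)
    # Decode and lowercase the path so encoded or mixed-case names still match.
    path = unquote_plus(parts.path).lower()
    if ENDPOINT not in path:
        return None
    query = unquote_plus(parts.query)
    meta = sorted(SHELL_META.intersection(query))
    if not parts.query:
        severity = "low"      # endpoint requested over HTTP, no parameters
    elif meta:
        severity = "high"     # parameters containing shell metacharacters
    else:
        severity = "medium"   # parameters present
    return {"client": client, "method": method, "status": int(status),
            "severity": severity, "metachars": meta}


def scan(lines):
    """Inspect every log line and keep only the findings."""
    return [f for f in map(inspect_line, lines) if f]


# Constructed sample log lines (documentation address ranges, placeholder queries).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/May/2024:10:00:01 +0000] "GET /cacti/graph_view.php?action=tree HTTP/1.1" 200 5120',
    '198.51.100.7 - - [14/May/2024:10:02:13 +0000] "GET /cacti/cmd_realtime.php HTTP/1.1" 200 0',
    '198.51.100.7 - - [14/May/2024:10:02:15 +0000] "GET /cacti/cmd_realtime.php?a+b%3Bc HTTP/1.1" 200 12',
    '203.0.113.5 - - [14/May/2024:10:03:40 +0000] "GET /Cacti/CMD_realtime.php?x=1 HTTP/1.1" 404 196',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A 200 status on any finding means the script is reachable on that host and the install should be checked against the affected-version conditions above.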

Dork:

Google: inurl:cmd_realtime.php

Shodan: Cacti

Hunter.how: /product.name="Cacti"

FOFA: app="Cacti-Monitoring"

Version Checking

image

Disclaimer

Please exercise caution when using this PoC. It has been developed strictly as a tool to automate the validation of the vulnerability. Any misuse is your own responsibility.
