CVE-2022-46169 unauthenticated remote code execution

Description

Authentication Bypass: a hostname-based authorization check is not implemented safely for most installations of Cacti
Command Injection: unsanitized user input is propagated to a string used to execute an external command

Demo

POC

Install

Using `go install`

go install github.com/devAL3X/CVE-2022-46169_poc

Run the binary:

CVE-2022-46169_poc

Building mannually

Alternatively, you can build binarymannually:

First, ensure that you have Go installed on your machine and $GOPATH eviroment variable is set.

Clone the repository:

git clone https://github.com/devAL3X/CVE-2022-46169_poc.git

Change into the project directory:

cd CVE-2022-46169_poc

Build the binary:

go build

Run the binary:

./CVE-2022-46169_poc

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md
demo.gif		demo.gif
go.mod		go.mod
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

demo.gif

demo.gif

go.mod

go.mod

main.go

main.go

Repository files navigation

CVE-2022-46169 unauthenticated remote code execution

Description

Demo

POC

Install

Using `go install`

Building mannually

About

Releases

Packages

Languages

devAL3X/CVE-2022-46169_poc

Folders and files

Latest commit

History

Repository files navigation

CVE-2022-46169 unauthenticated remote code execution

Description

Demo

POC

Install

Using go install

Building mannually

About

Resources

Stars

Watchers

Forks

Languages

Using `go install`