StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26
CVE-2024-25641 - Cacti 1.2.26 - Arbitrary file write to RCE 🌵

  • Authenticated RCE (the account needs the "Import Templates" permission)
  • Affects Cacti versions up to and including v1.2.26 (fixed in v1.2.27)

Summary


An arbitrary file write vulnerability in the "Package Import" feature allows an authenticated user who holds the "Import Templates" permission to drop a PHP file into the web root and have the web server execute it, giving arbitrary PHP code execution (RCE) as the web server user.
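The attack described above leaves a characteristic two-step trace in the web server log: a POST to the Package Import page, followed shortly afterwards by a request from the same client for a PHP file that is not one of Cacti's own pages. The script below is an added detection example written for this page, not code from the PoC repository or from Cacti. It assumes the import page is served as `package_import.php` under the Cacti web root (the page name used by Cacti 1.2.x; treated as an assumption here), that the server writes Apache/nginx "combined" access logs, and that the list of known Cacti page names is something you would fill in from your own install. The log lines are constructed for the example.

```python
"""Detection sketch for the import-then-execute chain of CVE-2024-25641.

Added example, not part of the PoC repository or of Cacti.
Assumptions (labelled, not taken from the page):
  * Cacti's Package Import page is reachable as .../package_import.php
  * access logs are in Apache/nginx "combined" format
  * KNOWN_PAGES is an allowlist you would build from your own install
"""
import re
from datetime import datetime, timedelta

# Constructed sample log: one attacker chain (10.0.0.5) and one benign
# import (10.0.0.9) that is never followed by a request for a new .php file.
SAMPLE_LOG = """\
10.0.0.5 - - [12/May/2024:10:01:02 +0000] "GET /cacti/index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
10.0.0.5 - - [12/May/2024:10:01:09 +0000] "POST /cacti/package_import.php HTTP/1.1" 200 812 "-" "python-requests/2.31"
10.0.0.5 - - [12/May/2024:10:01:10 +0000] "GET /cacti/shell_x7f.php?cmd=whoami HTTP/1.1" 200 17 "-" "python-requests/2.31"
10.0.0.9 - - [12/May/2024:10:05:00 +0000] "GET /cacti/graph_view.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
10.0.0.9 - - [12/May/2024:10:05:30 +0000] "POST /cacti/package_import.php HTTP/1.1" 200 812 "-" "Mozilla/5.0"
"""

# Combined-format prefix: client, identd, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed allowlist of legitimate Cacti page names. A real deployment would
# generate this from the files shipped with the installed Cacti version.
KNOWN_PAGES = {"index.php", "graph_view.php", "package_import.php", "templates_import.php"}

IMPORT_PAGE = "package_import.php"   # assumption: name of the Package Import page
WINDOW = timedelta(minutes=5)        # how long after an import a new .php hit is suspicious


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    path = m["path"].split("?", 1)[0]          # drop the query string
    return {"ip": m["ip"], "ts": ts, "method": m["method"],
            "path": path, "status": int(m["status"])}


def find_import_then_exec(log_text):
    """Return (ip, import_timestamp_iso, executed_path) for every client that
    POSTed to the import page and then requested a .php file that is not a
    known Cacti page within WINDOW of that POST."""
    events = [e for e in (parse_line(ln) for ln in log_text.splitlines()) if e]
    last_import = {}                            # client ip -> time of its latest import POST
    hits = []
    for e in events:                            # log lines are assumed to be in time order
        if e["method"] == "POST" and e["path"].endswith("/" + IMPORT_PAGE):
            last_import[e["ip"]] = e["ts"]
            continue
        name = e["path"].rsplit("/", 1)[-1]
        if name.endswith(".php") and name not in KNOWN_PAGES:
            t0 = last_import.get(e["ip"])
            if t0 is not None and e["ts"] - t0 <= WINDOW:
                hits.append((e["ip"], t0.isoformat(), e["path"]))
    return hits


if __name__ == "__main__":
    for hit in find_import_then_exec(SAMPLE_LOG):
        print("suspicious import->execute chain:", hit)
```

The allowlist approach is deliberate: the dropped file can have any name, so matching on "unknown .php under the Cacti root shortly after an import" catches the chain without knowing what the attacker called the payload. Pair this with a file-integrity check of the web root, since a write that is never requested over HTTP leaves no second log line.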

Proof Of Concept

(CVE DEMO: demonstration recording embedded in the original README, not reproduced here)

Usage


git clone https://github.com/StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26.git && cd CVE-2024-25641-CACTI-RCE-1.2.26

pip install -r requirements.txt

python3 CVE-2024-25641.py http://localhost/path/to/cacti/ --user admin --pass admin123 -x 'whoami'

With poetry

git clone https://github.com/StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26.git && cd CVE-2024-25641-CACTI-RCE-1.2.26

poetry install

poetry run python3 CVE-2024-25641.py http://localhost/path/to/cacti/ --user admin --pass admin123 -x 'whoami'

DISCLAIMER

This tool is intended for educational and testing purposes only. The author of this tool is not responsible for any misuse or illegal activities performed with it. Use this tool only on systems you own or have explicit permission to test. Unauthorized access to computer systems is illegal and unethical.

About

Fully automated PoC - CVE-2024-25641 - RCE - Cacti < v1.2.26 🌵
