CVE-2009-4112

CRITICAL

9.0

CVSS Severity Score

EPSS Score0.0480%

EPSS Percentile30.95th

PublishedNov 30, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.

Affected Platforms (CPE)

📦

Cacti

<= 0.8.7e

📦

Cacti

= 0.6.7

📦

Cacti

= 0.8

📦

Cacti

= 0.8.1

📦

Cacti

= 0.8.2

📦

Cacti

= 0.8.2a

📦

Cacti

= 0.8.3

📦

Cacti

= 0.8.3a

📦

Cacti

= 0.8.4

📦

Cacti

= 0.8.5

📦

Cacti

= 0.8.5a

📦

Cacti

= 0.8.6c

📦

Cacti

= 0.8.6f

📦

Cacti

= 0.8.6i

📦

Cacti

= 0.8.7

📦

Cacti

= 0.8.7a

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html

🔗 http://www.openwall.com/lists/oss-security/2009/11/26/1

🔗 http://www.openwall.com/lists/oss-security/2009/11/30/2

🔗 http://www.securityfocus.com/archive/1/508129/100/0/threaded

Vulnerability Description

Affected Platforms (CPE)

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

Cacti

References & Advisories

Related Vulnerabilities