CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1478

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile42.05th
PublishedApr 22, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.

Affected Platforms (CPE)

πŸ“¦
The Cacti Group

Cacti

= 0.5
πŸ“¦
The Cacti Group

Cacti

= 0.6
πŸ“¦
The Cacti Group

Cacti

= 0.6.1
πŸ“¦
The Cacti Group

Cacti

= 0.6.2
πŸ“¦
The Cacti Group

Cacti

= 0.6.3
πŸ“¦
The Cacti Group

Cacti

= 0.6.4
πŸ“¦
The Cacti Group

Cacti

= 0.6.5
πŸ“¦
The Cacti Group

Cacti

= 0.6.6
πŸ“¦
The Cacti Group

Cacti

= 0.6.7
πŸ“¦
The Cacti Group

Cacti

= 0.6.8

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html
πŸ”— http://www.debian.org/security/2002/dsa-164
πŸ”— http://www.iss.net/security_center/static/10050.php
πŸ”— http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt
πŸ”— http://www.securityfocus.com/bid/5630
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html
πŸ”— http://www.debian.org/security/2002/dsa-164
πŸ”— http://www.iss.net/security_center/static/10050.php

Related Vulnerabilities

CVE-2005-214910.0

config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information ...

CVE-2021-406439.8

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location ...

CVE-2017-120659.8

spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outl...

CVE-2009-41129.0

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for th...