CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-12065

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile15.35th
Published2017年8月1日
Last Modified2026年5月13日

Vulnerability Description

spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.

Affected Platforms (CPE)

📦
Cacti

Cacti

<= 1.1.15

References & Advisories

🔗 http://www.securityfocus.com/bid/100080
🔗 https://cacti.net/release_notes.php?version=1.1.16
🔗 https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
🔗 https://github.com/Cacti/cacti/issues/877
🔗 https://security.gentoo.org/glsa/201711-10
🔗 http://www.securityfocus.com/bid/100080
🔗 https://cacti.net/release_notes.php?version=1.1.16
🔗 https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e

相關漏洞威脅

CVE-2002-147810.0

Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.

CVE-2005-214910.0

config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information ...

CVE-2021-406439.8

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location ...

CVE-2009-41129.0

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for th...