CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-1478

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile42.05th
Published2003年4月22日
Last Modified2026年4月16日

Vulnerability Description

Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.

Affected Platforms (CPE)

📦
The Cacti Group

Cacti

= 0.5
📦
The Cacti Group

Cacti

= 0.6
📦
The Cacti Group

Cacti

= 0.6.1
📦
The Cacti Group

Cacti

= 0.6.2
📦
The Cacti Group

Cacti

= 0.6.3
📦
The Cacti Group

Cacti

= 0.6.4
📦
The Cacti Group

Cacti

= 0.6.5
📦
The Cacti Group

Cacti

= 0.6.6
📦
The Cacti Group

Cacti

= 0.6.7
📦
The Cacti Group

Cacti

= 0.6.8

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html
🔗 http://www.debian.org/security/2002/dsa-164
🔗 http://www.iss.net/security_center/static/10050.php
🔗 http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt
🔗 http://www.securityfocus.com/bid/5630
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html
🔗 http://www.debian.org/security/2002/dsa-164
🔗 http://www.iss.net/security_center/static/10050.php

相關漏洞威脅

CVE-2005-214910.0

config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information ...

CVE-2021-406439.8

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location ...

CVE-2017-120659.8

spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outl...

CVE-2009-41129.0

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for th...