Short Name |
HTTP:PHP:RAXNET-CACTI-RCE |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
RaXnet Cacti Graph_Image.PHP Remote Command Execution |
Release Date |
2011/10/31 |
Update Number |
2019 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the RaXnet Cacti Graph_Image.PHP. It is due to insufficient validation of user-supplied input. A remote attacker can exploit this by enticing a target to open a malicious URL link. A successful attack can result in remote command execution.
Cacti is prone to a remote command execution vulnerability. User-supplied input to the 'graph_image.php' script is not properly sanitized and allows attackers to execute arbitrary commands in the context of the server. This can facilitate various attacks including unauthorized access to an affected computer. Cacti 0.8.6d and prior versions are reportedly affected.