CVE-2014-5261
22.08.2014, 14:55
The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
| Vendor | Product | Version |
|---|---|---|
| cacti | cacti | 𝑥 ≤ 0.8.8b |
| cacti | cacti | 0.8.6e:e |
| cacti | cacti | 0.8.7 |
| cacti | cacti | 0.8.7a:a |
| cacti | cacti | 0.8.7b:b |
| cacti | cacti | 0.8.7c:c |
| cacti | cacti | 0.8.7d:d |
| cacti | cacti | 0.8.7e:e |
| cacti | cacti | 0.8.7f:f |
| cacti | cacti | 0.8.7g:g |
| cacti | cacti | 0.8.7i:i |
| cacti | cacti | 0.8.8 |
| cacti | cacti | 0.8.8a:a |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References