CVE-2017-16661
08.11.2017, 05:29
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.Enginsight
Vendor | Product | Version |
---|---|---|
cacti | cacti | 1.1.27 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration