Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cacti 跨站请求伪造漏洞
Vulnerability Description
Cacti是Cacti团队的一套开源的网络流量监测和分析工具。该工具通过snmpget来获取数据,使用RRDtool绘画图形进行分析,并提供数据和用户管理功能。 Cacti 0.8.7g及之前的版本和0.8.8b及之前的版本中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞修改二进制文件,修改配置或添加任意用户。
CVSS Information
N/A
Vulnerability Type
N/A