CVE-2010-1645
PUBLISHED
CVSS 6.5 MEDIUM
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.
EPSS 2.79% · 86.4th percentile
Risk Scores
- CVSS 2.0: 6.5
- EPSS Score: 2.79% (86.4th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cacti | cacti | 0, 0.6, 0.6.1 |
Exploit Intelligence
- http://svn.cacti.net/viewvc?view=rev&revision=5778 (circl)
- MDVSA-2010:160 (circl)
- 41041 (circl)
- http://www.cacti.net/release_notes_0_8_7f.php (circl)
- RHSA-2010:0635 (circl)
- http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php (circl)
- ADV-2010-2132 (circl)
- http://svn.cacti.net/viewvc?view=rev&revision=5782 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=609115 (circl)
- http://svn.cacti.net/viewvc?view=rev&revision=5784 (circl)
Timeline
- Aug 23, 2010 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 17, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- http://svn.cacti.net/viewvc?view=rev&revision=5778 url
- MDVSA-2010:160 vendor-advisory
- 41041 third-party-advisory
- http://www.cacti.net/release_notes_0_8_7f.php url
- RHSA-2010:0635 vendor-advisory
- http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php url
- ADV-2010-2132 vdb
- http://svn.cacti.net/viewvc?view=rev&revision=5782 url
- https://bugzilla.redhat.com/show_bug.cgi?id=609115 url
- http://svn.cacti.net/viewvc?view=rev&revision=5784 url
- https://nvd.nist.gov/vuln/detail/CVE-2010-1645 advisory