VDB
DEBIAN-CVE-2017-16660
DEBIAN-CVE-2017-16660
PUBLISHED
CVSS 7.199999809265137 HIGH
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
Risk Scores
CVSS v3.0
7.199999809265137
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | cacti | 0, 0, 0 |
| Debian:14 | cacti | 0 |
| Debian:13 | cacti | 0, 0, 0 |
| Debian:12 | cacti | 0, 0, 0 |
Timeline
- Nov 8, 2017 CVE Published
- May 10, 2026 CVE Updated