CVE-2002-1477

EPSS 2.7%

cacti - arbitrary code execution

Published: 4/22/2003Modified: 5/27/2026

Description

graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.

Affected packages (2)

Debian/cactifrom 0, < 0.6.8a-2
Debian/cactifrom 0, < 0.6.7-2.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2002-1477