CVE-2020-7058

Published January 15th, 2020

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -> Data Input Methods -> Unix -> Ping Host. NOTE: the vendor has stated "This is a false alarm.

Cacti/cacti

Cacti ™

GitHub

1.83K