CVE-2020-8813

This exploit targets Cacti v1.2.8 by injecting a reverse shell payload via the 'Cacti' cookie in a request to 'graph_realtime.php'. It leverages unauthenticated access to execute arbitrary commands on the target system.

This exploit targets CVE-2020-8813 in Cacti v1.2.8, leveraging authenticated RCE via CSRF token manipulation and cookie injection to execute a reverse shell. It requires valid credentials and enables guest access to exploit the vulnerability.

The repository contains two functional Python scripts demonstrating pre-auth and post-auth RCE in Cacti v1.2.8 via command injection in the 'Cacti' cookie. The exploit leverages improper input validation in 'graph_realtime.php' to execute arbitrary commands.

This repository contains a functional Python exploit for CVE-2020-8813, which allows remote command execution in Cacti 1.2.8 via command injection through the `graph_realtime.php` script. The exploit supports both authenticated and guest access modes, with options for live interactive shells or single command execution.

This repository contains a functional exploit for CVE-2020-8813, an unauthenticated remote code execution vulnerability in Cacti v1.2.8. The exploit leverages a cookie injection flaw in the `graph_realtime.php` endpoint to execute arbitrary commands.

This repository contains a functional exploit for CVE-2020-8813, an unauthenticated remote code execution vulnerability in Cacti v1.2.8. The exploit leverages a command injection flaw in the `graph_realtime.php` endpoint via a maliciously crafted cookie.