CVE-2023-39539

HIGH LAB

AMI AptioV - Unrestricted Upload of Dangerous File Type via PNG Logo

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-39539. PoCs published by AdamWen230.

AI-analyzed exploit summary This repository contains a functional PoC for CVE-2023-39539, an authenticated SQL injection vulnerability in Cacti 1.2.22. The exploit leverages a time-based SQLi in the 'site_id' parameter to modify the 'path_php_binary' setting, enabling remote command execution via a reverse shell.

Description

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. 

Exploits (1)

nomisec WORKING POC 1 stars
by AdamWen230 · poc
https://github.com/AdamWen230/CVE-2023-39539-PoC

This repository contains a functional PoC for CVE-2023-39539, an authenticated SQL injection vulnerability in Cacti 1.2.22. The exploit leverages a time-based SQLi in the 'site_id' parameter to modify the 'path_php_binary' setting, enabling remote command execution via a reverse shell.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Cacti 1.2.22
Auth required
Prerequisites: Valid credentials for Cacti · Network access to the target · Python 3 environment
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0062
EPSS Percentile 45.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Lab Environment

COMMUNITY
Community Lab
docker pull vulhub/cacti:1.2.22

Details

CWE
CWE-20 CWE-434
Status published
Products (1)
ami/aptio_v
Published Dec 06, 2023
Tracked Since Feb 18, 2026