CVE-2024-29895

This repository contains a functional Python script that exploits CVE-2024-29895, a command injection vulnerability in Cacti 1.3.x DEV. The exploit targets the `cmd_realtime.php` endpoint with a crafted GET request to achieve remote code execution.

The repository contains a functional Python PoC for CVE-2024-29895, a command injection vulnerability in Cacti 1.3.x dev branch. The exploit leverages the `poller_id` parameter in `cmd_realtime.php` to execute arbitrary commands when `register_argc_argv` is enabled.

This repository contains a functional exploit for CVE-2024-29895, a command injection vulnerability in Cacti. The exploit leverages the `register_argc_argv` PHP option being enabled to execute arbitrary commands via crafted HTTP requests to `/cacti/cmd_realtime.php`.

This repository contains a functional Python script that exploits CVE-2024-29895, a command injection vulnerability in Cacti 1.3.x DEV builds via the `cmd_realtime.php` endpoint. The exploit constructs a malicious GET request with a command injection payload and executes arbitrary commands on the target system.

This repository contains a functional exploit PoC for CVE-2024-29895, a command injection vulnerability in Cacti 1.3.x dev branch. The exploit leverages the `poller_id` parameter in `cmd_realtime.php` to execute arbitrary commands when `register_argc_argv` is enabled.

The repository contains a functional Python-based exploit for CVE-2024-29895, a command injection vulnerability in Cacti 1.3.x dev branch. The exploit leverages the `poller_id` parameter in `cmd_realtime.php` to execute arbitrary commands when `register_argc_argv` is enabled.