CVE-2024-43363

HIGH

Cacti < 1.2.28 - Authenticated Remote Code Execution via Log Poisoning

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-43363. PoCs published by p33d.

AI-analyzed exploit summary

This repository contains a functional Python exploit for CVE-2024-43363, which leverages log poisoning in Cacti to achieve remote code execution. The script checks the target version, creates a malicious device whose hostname carries a PHP payload, and verifies that the payload has been written to the log (log poisoning).

Description

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing PHP code, then repeat the installation process to point the Cacti log file at a PHP file (completing only step 5 of the installer is enough; the steps before and after it need not be repeated). Once the malicious hostname has been written to the log (log poisoning), requesting the log file's URL executes the injected PHP, which yields remote code execution. Note that the attack requires an administrator account (CVSS PR:H), so this is post-authentication privilege abuse rather than an unauthenticated entry point. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
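The chain in the description leaves three observable traces: an unpatched version, a configured log path that points at a PHP file (the installer step 5 abuse), and PHP open tags written into the log itself (the poisoned hostname). The following Python check, added here as an illustration and not part of the advisory, of the p33d PoC, or of Cacti, audits those three indicators from a version string, the configured log path and a log excerpt. The sample log lines are constructed and only approximate Cacti's "date - SOURCE: message" layout, and the list of executable extensions assumes a default PHP handler mapping on the web server.

```python
"""Defensive check for the CVE-2024-43363 log-poisoning chain (added example).

Indicators, taken from the advisory text:
  1. Cacti version < 1.2.28
  2. the Cacti log path ends in an extension the web server executes as PHP
  3. PHP open tags present inside the log (a poisoned hostname)
"""
import re
from typing import Iterable

FIXED_VERSION = (1, 2, 28)

# PHP open tags: the full tag and the echo tag. Short "<?" tags are deliberately
# not matched: they depend on short_open_tag and would false-positive on XML.
PHP_TAG_RE = re.compile(r"<\?(?:php\b|=)", re.IGNORECASE)

# Assumption: default Apache/nginx handler mapping. Adjust for your deployment.
EXECUTABLE_EXTENSIONS = (".php", ".phtml", ".phar")


def parse_version(version: str) -> tuple:
    """'1.2.27' -> (1, 2, 27). Only numeric components are considered, so a
    pre-release such as '1.2.28-rc1' compares equal to 1.2.28."""
    parts = re.findall(r"\d+", version)
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    nums = [int(p) for p in parts[:3]]
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_vulnerable_version(version: str) -> bool:
    """True for any Cacti release before 1.2.28."""
    return parse_version(version) < FIXED_VERSION


def log_path_is_executable(log_path: str) -> bool:
    """True when the configured log file would be served as PHP."""
    return log_path.lower().endswith(EXECUTABLE_EXTENSIONS)


def find_php_in_log(lines: Iterable[str]) -> list:
    """Return (line_number, line) for every log line containing a PHP open tag."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        if PHP_TAG_RE.search(line):
            hits.append((lineno, line.rstrip("\n")))
    return hits


def audit(version: str, log_path: str, log_lines: Iterable[str]) -> dict:
    """Combine the three indicators into one verdict."""
    poisoned = find_php_in_log(log_lines)
    findings = {
        "vulnerable_version": is_vulnerable_version(version),
        "log_path_executable": log_path_is_executable(log_path),
        "poisoned_lines": poisoned,
    }
    # The full RCE chain needs both: code in the log AND the log served as PHP.
    # Either one alone is still worth an alert on an unpatched host.
    findings["rce_chain_present"] = bool(poisoned) and findings["log_path_executable"]
    return findings


# Constructed sample log (not from a real instance): two ordinary poller lines
# and one whose device hostname carries a PHP payload.
SAMPLE_LOG = [
    "2024/10/07 10:00:01 - SYSTEM STATS: Time:1.0 Method:spine Processes:1 Hosts:2",
    "2024/10/07 10:00:02 - SPINE: Poller[1] Device[web01.example.internal] Host is up",
    "2024/10/07 10:00:03 - SPINE: Poller[1] Device[<?php system($_GET['c']); ?>] DNS lookup failed",
]

if __name__ == "__main__":
    # Hypothetical log path an attacker might have set via installer step 5.
    result = audit("1.2.27", "/var/www/html/cacti/resource/cacti.php", SAMPLE_LOG)
    for key, value in result.items():
        print(f"{key}: {value}")
```

On a live host, feed `audit()` the version reported by the web UI, the `log_path` value from Cacti's settings, and a tail of the log file; a poisoned line on a host whose log path is still `cacti.log` indicates an attempt that has not yet been completed, and is still worth investigating as admin-account misuse.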

Exploits (1)

nomisec · Working PoC · 4 stars
by p33d · poc
https://github.com/p33d/CVE-2024-43363


Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Cacti 1.2.27
Auth required: yes (an administrator-level session, per the CVSS PR:H rating)
Prerequisites: Valid session token · Access to Cacti instance
Analyzed by devstral-2 on Feb 18, 2026

Scores

CVSS v3.1 base score: 7.2 (High)
EPSS: 0.3581 (estimated probability of exploitation in the wild within the next 30 days)
EPSS percentile: 98.3%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-94 (Improper Control of Generation of Code, "Code Injection")
Status: published
Products (1): cacti/cacti < 1.2.28
Published: Oct 07, 2024
Tracked since: Feb 18, 2026