This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as conduct stacked queries. With stacked queries, the path_php_binary value is changed within the settings table to a payload, and an update is called to execute the payload. After calling the payload, the value is reset.
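A detection sketch for the behaviour described above, added here as an example and not taken from the module or from Cacti: it scans web access logs for requests to color.php whose filter value carries stacked-query or settings-tampering markers. It assumes the filter parameter appears in the logged query string; the log lines, rule names and `scan` function are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2021:10:00:00 +0000] "GET /cacti/color.php?filter=blue HTTP/1.1" 200 5120
203.0.113.9 - - [01/Jan/2021:10:02:11 +0000] "GET /cacti/color.php?filter=CONSTRUCTED%3B+UPDATE+settings+SET+value%3DCONSTRUCTED+WHERE+name%3Dpath_php_binary HTTP/1.1" 200 312
203.0.113.9 - - [01/Jan/2021:10:02:15 +0000] "GET /cacti/color.php?filter=x%27+UNION+SELECT+1%2C2 HTTP/1.1" 200 640
203.0.113.7 - - [01/Jan/2021:10:05:00 +0000] "GET /cacti/graph_view.php?filter=a%3Bb HTTP/1.1" 200 900
"""

# Client address and request target from a combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Hypothetical rule names; each pattern is applied to the URL-decoded filter value.
RULES = [
    ("stacked-query", re.compile(r";")),                      # statement separator
    ("settings-tamper", re.compile(r"path_php_binary", re.I)),
    ("sql-keyword", re.compile(r"\b(union|select|update|insert|delete)\b", re.I)),
    ("quote-break", re.compile(r"['\"]")),
]


def scan(log_text):
    """Return (line_number, client, matched_rule_names) for suspicious color.php requests."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line this sketch understands
        client, target = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/color.php"):
            continue  # only the page named in the advisory
        # parse_qs splits on '&' first, then URL-decodes, so %3B stays inside the value.
        for value in parse_qs(url.query, keep_blank_values=True).get("filter", []):
            hits = [name for name, rx in RULES if rx.search(value)]
            if hits:
                findings.append((lineno, client, hits))
    return findings


if __name__ == "__main__":
    for lineno, client, hits in scan(SAMPLE_LOG):
        print(f"line {lineno}: {client} -> {', '.join(hits)}")
```

Because the module resets path_php_binary after the payload runs, the settings table may look clean afterwards, so request logs are the more durable evidence. Requests sent as POST bodies are not visible in standard access logs and need application or WAF logging instead.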
