---

CVE-2017-16641 - log back

CVE-2017-16641 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary command execution
Description	+ lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.
References	+ https://github.com/Cacti/cacti/commit/e8088bb6593e6a49d000c342d17402f01db8740e
Notes