| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary filesystem access |
|
| Description |
| + |
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd. |
|
| References |
| + |
https://github.com/Cacti/cacti/issues/1066 |
| + |
https://github.com/Cacti/cacti/commit/a179e8092dbff7406e39ca16c2823f4fe530f5e0 |
| + |
https://github.com/Cacti/cacti/commit/c0f0ce27f0c281d7e1e57f91891c5ca9a92df013 |
| + |
https://github.com/Cacti/cacti/commit/96d793f33ebf16c0b12e1ec779d7debb87990cdd |
|
| Notes |
|