Public CVE-2020-9330 disclosure

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.