Vulnerability identifier: #VU25543

Vulnerability risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-8813

CWE-ID: CWE-78

Exploitation vector: Network

Exploits in database: 8

• November 4, 2022
  • CVE-2020-8813-Cacti-RCE-in-graph_realtime (CVE-2020-8813 - RCE through graph_realtime.php in Cacti 1.2.8) [Github]
• June 17, 2021
  • Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit) [Exploit-DB]
  • Cacti 1.2.8 - Unauthenticated Remote Code Execution [Exploit-DB]
  • Cacti 1.2.8 - Authenticated Remote Code Execution [Exploit-DB]
  • Open-AudIT Professional 3.3.1 - Remote Code Execution [Exploit-DB]
• May 12, 2021
  • Cacti-CVE-2020-8813 () [Github]
• March 18, 2020
  • CVE-2020-8813 (The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813) [Github]
  • Cacti 1.2.8 - Remote Code Execution [Exploit-DB]

Impact: Code execution

Vulnerable software:
Cacti
Web applications / Other software

Vendor: The Cacti Group, Inc.