CWE-144

Improper Neutralization of Line Delimiters

1 CVEs Avg CVSS 8.7 MITRE

0

CRITICAL

1

HIGH

0

MEDIUM

0

LOW

1

POC

0

KEV

Monthly

CVE-2025-24367 HIGH POC PATCH THREAT This Week

Cacti monitoring platform prior to version 1.2.29 allows authenticated users to achieve remote code execution through the graph creation and template functionality. Attackers abuse the graphing engine to create arbitrary PHP scripts in the web root, escalating from monitoring access to full server control.

RCE PHP Cacti Suse

NVD GitHub

CVSS 4.0

8.7

EPSS

90.5%

CVE-2025-24367

EPSS 90% CVSS 8.7

HIGH POC PATCH THREAT This Week

Cacti monitoring platform prior to version 1.2.29 allows authenticated users to achieve remote code execution through the graph creation and template functionality. Attackers abuse the graphing engine to create arbitrary PHP scripts in the web root, escalating from monitoring access to full server control.

RCE PHP Cacti +1

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy