Cacti 1.2.22 Command Injection

Posted on 24 January 2023

This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user.