PRIOn knowledge basePRION:CVE-2017-12065

HistoryAug 01, 2017 - 5:29 a.m.

Code injection

2017-08-0105:29:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%

spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.

CPENameOperatorVersion
cactile1.1.15

CPE	Name	Operator	Version
	cacti	le	1.1.15

References

www.securityfocus.com/bid/100080

cacti.net/release_notes.php?version=1.1.16

github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e

github.com/Cacti/cacti/issues/877

security.gentoo.org/glsa/201711-10