CVE-2005-10004

high-risk
Published 2025-08-30

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.

Do I need to act?

!
54.0% chance of exploitation in next 30 days
EPSS score — higher than 46% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Cacti

References (6)

Exploit https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp...
Product https://web.archive.org/web/20050305034552/http://www.cacti.net/cactid_download....
Product https://www.cacti.net/info/downloads
Exploit https://www.exploit-db.com/exploits/16881
Exploit https://www.exploit-db.com/exploits/9911
Third Party Advisory https://www.vulncheck.com/advisories/cacti-graph-view-rce
53
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 18/34 · Moderate
Exposure 5/34 · Minimal