## https://sploitus.com/exploit?id=DB6FE167-7CB9-5E26-907C-82E229E49522
# CVE-2024-25641 Exploit for Cacti 1.2.26

Exploits CVE-2024-25641 on Cacti 1.2.26. Once a user is authenticated, an arbitrary file write vulnerability allows Remote Code Execution (RCE).

---

## Overview
This script automates the process of exploiting **CVE-2024-25641** in **Cacti 1.2.26**. The vulnerability allows authenticated users with the `Import Templates` permission to achieve **Remote Code Execution (RCE)** via the `Package Import` feature.

📌 **Original Advisory:** [GitHub Security Advisory](https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88)

----
## Features
- ✅ **Fully Automated Exploitation**: Simplifies the attack process.
- ⚡ **Flexible Targeting**: Easily configure the target URL, credentials, and payload.
- 📦 **Dependency Management**: Ensures smooth installation via `requirements.txt`.

## Prerequisites
Ensure you have the following installed:
- ๐Ÿ **Python 3.x**
- ๐Ÿ“œ Required Python modules (install via `requirements.txt`)

## Installation
Clone the repository:
```sh
git clone https://github.com/regantemudo/CVE-2024-25641-Exploit-for-Cacti-1.2.26.git
cd CVE-2024-25641-Exploit-for-Cacti-1.2.26
```

Install dependencies:
```sh
pip install -r requirements.txt
```

## Usage
### 🚀 Prepare Your PHP Payload
By default, the script uses `./php/reverse_shell.php` as the payload. Modify the IP address and port inside the PHP script accordingly.

### 🔥 Run the Exploit
```sh
python3 cacti_exploit.py <URL> <username> <password> [-p <payload_path>]
```

#### Arguments:
- ๐ŸŒ `URL`: The target Cacti URL.
- ๐Ÿ‘ค `username`: Login username.
- ๐Ÿ”‘ `password`: Login password.
- ๐Ÿ› ๏ธ `-p/--payload`: (Optional) Path to a custom PHP payload (default: `./php/reverse_shell.php`).

### ⚡ Execute the Payload
Once the script successfully uploads the PHP payload, execute it via the browser or directly through the script.

## Project Structure
```
CVE-2024-25641-Exploit-for-Cacti-1.2.26/
├── php/
│   └── reverse_shell.php
├── README.md
├── cacti_exploit.py
└── requirements.txt
```

## โš ๏ธ Disclaimer
This tool is strictly for **educational and authorized penetration testing**. Unauthorized use is illegal and may lead to severe consequences. The authors hold no responsibility for any misuse or damage caused by this software.