## https://sploitus.com/exploit?id=FB7C1162-CF5F-547C-ACF1-B4EE074EC01F
## Cacti RCE - CVE-2024-29895

## Usage:

`python3 cve-2024-29895.py -u https://target.com/ -c id`

Affects Cacti versions 1.3.X on DEV builds where `cmd_realtime.php` is present and `POLLER_ID` is enabled.

Command injection is possible via this endpoint by sending a GET request with the payload in the query parameters.
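For defenders, requests that reach this endpoint show up in web server access logs. The triage script below is an added example, not part of the original repository or its exploit script. It assumes combined-format access logs, and the sample lines, IP addresses and parameter names are constructed, not the real payload.

```python
import re
from urllib.parse import urlsplit, unquote, unquote_plus

ENDPOINT = "cmd_realtime.php"  # endpoint named in this advisory
# Combined log format: client ip ... "METHOD target PROTOCOL" status
LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
SHELL_META = re.compile(r'[;&|`$<>()\n\r]')  # shell chaining / substitution characters

def classify(line):
    """Return None, or a finding dict for a request that reaches ENDPOINT."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    # Match on the last path segment, percent-decoded and case-insensitive.
    if unquote(url.path).rsplit("/", 1)[-1].lower() != ENDPOINT:
        return None
    # Decode each parameter twice so double-encoded metacharacters are seen.
    params = [unquote_plus(unquote_plus(p)) for p in url.query.split("&") if p]
    if not url.query:
        severity = "probe"    # endpoint touched, nothing passed to it
    elif "&&" in url.query or any(SHELL_META.search(p) for p in params):
        severity = "high"     # shell metacharacters in the query string
    else:
        severity = "review"   # parameters were sent to the endpoint
    return {"ip": m["ip"], "status": int(m["status"]),
            "severity": severity, "query": params}

def scan(lines):
    """Classify every line and keep only requests to ENDPOINT."""
    return [f for f in map(classify, lines) if f]

# Constructed sample lines: documentation IP ranges, made-up parameter names.
SAMPLE = [
    '203.0.113.7 - - [10/May/2024:10:00:01 +0000] "GET /cacti/graph_view.php?action=tree HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/May/2024:10:00:05 +0000] "GET /cacti/cmd_realtime.php HTTP/1.1" 404 196 "-" "curl/8.0"',
    '198.51.100.23 - - [10/May/2024:10:02:11 +0000] "GET /cacti/cmd_realtime.php?a=1&b=2 HTTP/1.1" 200 12 "-" "python-requests/2.31"',
    '198.51.100.23 - - [10/May/2024:10:02:12 +0000] "GET /cacti/CMD_realtime.php?a=1%253Bid HTTP/1.1" 200 64 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A `high` finding with a 200 status means the file is present and was served, so that host should be checked first.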

## Dork:
Google: `inurl:cmd_realtime.php`

Shodan: `Cacti`

Hunter.how: `/product.name="Cacti"`

FOFA: `app="Cacti-Monitoring"`