Exploit to CVE-2022-46169 vulnerability on Cacti 1.2.19
[Options]
-u --url victim's url
-f --forwarded X-Forwarded value to bypass the auth
[Usage]
- $> ./cve_2022_46169.py -u http://10.10.10.10/cacti -f 10.10.10.10
- $> ./cve_2022_46169.py -u http://10.10.10.10/cacti -f 127.0.0.1
[References]
https://www.sonarsource.com/blog/cacti-unauthenticated-remote-code-execution/