{"vulnerability": "CVE-2024-25641", "sightings": [{"uuid": "e597c40c-ac20-4b82-bef8-5dbddfd21d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "MISP/ee858909-f8a2-42b9-bf6d-a9c32932d238", "content": "", "creation_timestamp": "2024-10-23T14:06:53.000000Z"}, {"uuid": "0c383bd2-fc5d-4ce5-af2f-98b4930d2988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "7ed7ae3e-4a76-4f0d-95b9-234b63e49ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:01.000000Z"}, {"uuid": "a080e2fb-397d-4ee5-bbb6-7d7b67e1ab03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "398fd1d4-06d6-4c8b-a351-3cb1cf2d9695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmxigypvxn2t", "content": "", "creation_timestamp": "2025-04-16T21:02:24.609461Z"}, {"uuid": "02eed9a8-d04b-4c85-b1ba-a4eb6ffc6ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cacti_package_import_rce.rb", "content": "", "creation_timestamp": "2024-06-12T22:59:03.000000Z"}, {"uuid": "a37f8c55-a321-4430-8e17-0b968d35f78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "Telegram/5_gTRnAzC7QkctLxXM-GfEUDh3CfCQGOGyKJ8ULXmoCBhQ", "content": "", "creation_timestamp": "2024-05-14T15:53:21.000000Z"}, {"uuid": "d5fda836-330c-4631-a48c-7eef89f511ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "Telegram/mmbqk-FVHJnaVbo0loKJRZrYKTfO6mWdsWAP_D9vTGJO-ys", "content": "", "creation_timestamp": "2024-05-14T14:27:54.000000Z"}, {"uuid": "c79d7190-77e1-4dd7-800e-19322c5a45a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8456", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis repository automates the process of exploiting CVE-2024-25641 on Cacti 1.2.26\nURL\uff1ahttps://github.com/5ma1l/CVE-2024-25641\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-05T11:53:49.000000Z"}, {"uuid": "d45da613-ab70-4f0b-8d20-2dcea5729c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8382", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCacti v1.2.26 Authenticated RCE Proof of Concept (PoC)\nURL\uff1ahttps://github.com/Safarchand/CVE-2024-25641\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-27T16:43:13.000000Z"}, {"uuid": "ba1eac4c-0c68-4ca3-89e9-4aa81383b536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9132", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-25641-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-22T14:07:18.000000Z"}, {"uuid": "81c195e3-46f1-4ea7-8359-a76761c9e7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8371", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26\nURL\uff1ahttps://github.com/thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-08-27T01:24:43.000000Z"}, {"uuid": "09582d0c-7a03-47cc-a684-921cb542f32e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9138", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26\nURL\uff1ahttps://github.com/0xDTC/Umbraco-CMS-7.12.4-Authenticated-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-11-22T16:43:17.000000Z"}, {"uuid": "1b6bd179-4afa-47ef-8773-bb0cc21bea74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9136", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26\nURL\uff1ahttps://github.com/XiaomingX/awesome-webshell\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-11-22T15:13:08.000000Z"}, {"uuid": "dfede1d0-3602-4bd6-b9ae-fff27c14f674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/4427", "content": "\u200b\u26a1\ufe0fCacti \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c: \u0441\u0440\u0430\u0437\u0443 12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\n\n\ud83d\udcac\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Cacti, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u044f\u043c\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0432\u0435\u0434\u0443\u0449\u0438\u0435 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0412\u043e\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\nCVE-2024-25641 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.1). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00ab\u0418\u043c\u043f\u043e\u0440\u0442 \u043f\u0430\u043a\u0435\u0442\u043e\u0432\u00bb, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u043d\u0430 \u00ab\u0418\u043c\u043f\u043e\u0440\u0442 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432\u00bb \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 PHP-\u043a\u043e\u0434 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0447\u0442\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\nCVE-2024-29895 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 10.0). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u043e\u043f\u0446\u0438\u0438 \u00abregister_argc_argv\u00bb \u0432 PHP.\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432:\n\nCVE-2024-31445 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.8). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 api_automation.php, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\nCVE-2024-31459 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430 lib/plugin.php, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\u0421\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e 10 \u0438\u0437 12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c CVE-2024-29895 \u0438 CVE-2024-30268 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Cacti \u0434\u043e 1.2.26 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. \u042d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.2.27, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 13 \u043c\u0430\u044f 2024 \u0433\u043e\u0434\u0430. \u0414\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 1.3.x \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.\n\n\u0414\u0430\u043d\u043d\u0430\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043d\u0438\u043a\u043b\u0430 \u0441 Cacti \u0441\u043f\u0443\u0441\u0442\u044f \u0431\u043e\u043b\u0435\u0435 \u0432\u043e\u0441\u044c\u043c\u0438 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 ( CVE-2023-39361, CVSS 9.8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0410 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-46169 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 9.8 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Cacti \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432 MooBot \u0438 ShellBot.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 GitHub, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-14T14:37:41.000000Z"}, {"uuid": "db2b74da-b448-46a1-83d5-802d7e8a38bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://gist.github.com/TempAle97/cba7ec48350bc3e288e691872277b558", "content": "", "creation_timestamp": "2025-12-01T05:14:14.000000Z"}, {"uuid": "0c14b929-b0e6-49b4-b4ad-d732d4d1762e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://gist.github.com/TempAle97/0d7ee5f6eb204093db5abcb6e5d040b8", "content": "", "creation_timestamp": "2025-12-01T05:11:44.000000Z"}, {"uuid": "410267a0-1cde-40c0-9d4b-5c157f52996a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "Telegram/fo9HSyervRu8zmZqDISxrEVJ89qXzcJOGMtymBsqB2XNIxc", "content": "", "creation_timestamp": "2026-01-01T15:00:08.000000Z"}, {"uuid": "67d3591d-e48c-486d-baa2-1b579925b398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8370", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26\nURL\uff1ahttps://github.com/thisisveryfunny/CVE-2024-25641---RCE-Automated-Exploit---Cacti-1.2.26\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-27T01:20:33.000000Z"}, {"uuid": "91d57b2e-da51-4eaf-80c3-6058bca61f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8403", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFully automated PoC - CVE-2024-25641 - RCE - Cacti < v1.2.26 \ud83c\udf35\nURL\uff1ahttps://github.com/StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-29T06:31:28.000000Z"}, {"uuid": "c68e133c-a05d-418f-885e-dba287814b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/2792", "content": "\ud83d\udea8CVE-2024-25641 - Fully automated PoC - RCE - Cacti < v1.2.26\n\nhttps://darkwebinformer.com/cve-2024-25641-fully-automated-poc-rce-cacti-v1-2-26/", "creation_timestamp": "2024-08-30T19:00:25.000000Z"}, {"uuid": "91c4c3ae-2f13-4e76-bb8e-b2f5664f299f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/1419", "content": "The Hacker News\nCritical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code\n\nThe maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code.\nThe most severe of the vulnerabilities are listed below -\n\nCVE-2024-25641 (CVSS score: 9.1) - An arbitrary file write vulnerability in the \"Package Import\" feature that", "creation_timestamp": "2024-05-14T15:53:22.000000Z"}, {"uuid": "d0b541ca-ac35-477b-8956-210eed73bfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/7603", "content": "The Hacker News\nCritical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code\n\nThe maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code.\nThe most severe of the vulnerabilities are listed below -\n\nCVE-2024-25641 (CVSS score: 9.1) - An arbitrary file write vulnerability in the \"Package Import\" feature that", "creation_timestamp": "2024-05-14T15:53:22.000000Z"}, {"uuid": "d9b518d4-1f58-4965-a696-85081a68f471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://t.me/HackingInsights/381", "content": "\u200aCacti Network Monitoring Software Patched for Critical Security Flaws (CVE-2024-25641)\n\nhttps://securityonline.info/cacti-network-monitoring-software-patched-for-critical-security-flaws-cve-2024-25641/", "creation_timestamp": "2024-05-13T14:19:10.000000Z"}, {"uuid": "8bf06535-eb42-4070-a647-05cdb2a76207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "Telegram/J1Aac1aUXF7aI0K440tvcgJz2NJmZaODrNRoS9RyKFA-vw", "content": "", "creation_timestamp": "2024-05-14T19:28:03.000000Z"}, {"uuid": "df835a64-a31f-4ee3-a5ae-1fe082d012b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10529", "content": "#exploit\n1. CVE-2024-25641:\nCacti RCE when importing packages\nhttps://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88\n]-> https://karmainsecurity.com/KIS-2024-04\n\n2. CVE-2024-30163:\nInvision Community <=4.7.15 (store .php) SQL Injection\nhttps://karmainsecurity.com/KIS-2024-02\n\n3. CVE-2024-27130:\nQNAP RCE PoC\nhttps://github.com/watchtowrlabs/CVE-2024-27130", "creation_timestamp": "2024-05-19T15:31:55.000000Z"}, {"uuid": "a74bb096-f1cb-47ee-ad20-25a20304e99b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25641", "type": "seen", "source": "https://t.me/KomunitiSiber/1937", "content": "Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code\nhttps://thehackernews.com/2024/05/critical-flaws-in-cacti-framework-could.html\n\nThe maintainers of the\u00a0Cacti\u00a0open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code.\nThe most severe of the vulnerabilities are listed below -\n\nCVE-2024-25641\u00a0(CVSS score: 9.1) - An arbitrary file write vulnerability in the \"Package Import\" feature that", "creation_timestamp": "2024-05-14T14:57:25.000000Z"}]}