← back
CVE-2014-4000

CVE-2014-4000

EPSS 1.7%
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://forums.cacti.net/viewtopic.php?f=4&t=56794https://security.gentoo.org/glsa/201711-10https://security-tracker.debian.org/tracker/CVE-2014-4000https://www.cacti.net/release_notes_1_0_0.php