CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux – Get Memory Usage" setting to contain arbitrary commands.

Date published : 2009-11-30

http://www.securityfocus.com/bid/37137

http://www.securityfocus.com/archive/1/508129/100/0/threaded