Vulnerabilities > CVE-2021-40643 - Unspecified vulnerability in Eyesofnetwork

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

eyesofnetwork

critical

NVD

Published: 2022-06-30

Updated: 2022-07-11

Summary

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any command, which will be executed when we make a test of the configuration ("send test mail").

Vulnerable Configurations

Part	Description	Count
Application	Eyesofnetwork Eyesofnetwork Eyesofnetwork *	1

References

https://www.eyesofnetwork.com/en/news/vulnerabilite-cacti
https://eyesofnetwork.com