{"id":"CVE-2009-4112","details":"Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the \"Data Input Method\" for the \"Linux - Get Memory Usage\" setting to contain arbitrary commands.","modified":"2026-04-10T03:41:01.306121Z","published":"2009-11-30T21:30:00Z","related":["openSUSE-SU-2020:0272-1","openSUSE-SU-2020:0284-1","openSUSE-SU-2020:0558-1","openSUSE-SU-2020:0565-1","openSUSE-SU-2024:10670-1"],"references":[{"type":"EVIDENCE","url":"http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/37137"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2009/11/26/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2009/11/30/2"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/508129/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54473"}],"schema_version":"1.7.5"}