
vul_other:cacti_input_validation_flaw_in_spikekill.php_lets_remote_users_conduct_cross-site_scripting_attacks(Rule ID:1070310051)

Release Date: 2025/9/15

Rule Name: CVE-2017-12927: Cacti Input Validation Flaw in spikekill.php Lets Remote Users Conduct Cross-site Scripting Attacks Vulnerability

Severity: mid

CVE ID: CVE-2017-12927

 

Description

The 'spikekill' script does not properly filter HTML code from user-supplied input in the 'method' parameter before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the Cacti software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies, if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. This rule helps defend against A6: Vulnerable and Outdated Components and A3: Injection of the OWASP Top 10 - 2021.
Other reference: None

 

Solution

Apply the vendor's patches.