Cacti · Cacti · CVE-2025-24367
**Name of the Vulnerable Software and Affected Versions**
Cacti versions prior to 1.2.29
**Description**
Cacti is an open-source performance and fault management framework. Because line delimiters are handled improperly, an authenticated user can abuse the graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application. This can lead to remote code execution on the server.
**Recommendations**
Update to version 1.2.29.