Hackers Exploit Cacti, Docker API Vulnerabilities
MonitorsFour, a HackTheBox challenge, exploits PHP type juggling for user data and RCE in Cacti. It also abuses the Docker Desktop API to mount the Windows host drive for root access, referencing CVE-2025-24367 and CVE-2025-9074.
Topics
Developing
- 873d Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore.
- 873d Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
- 873d Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est.
- 873d Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium.
Sources · 7 independent
Source Alpha
Source Bravo
Source Charlie
Source Delta
Source Echo
Source Foxtrot
Source Golf
Unlock the full story
Get a Pro subscription or above to see the live story progression and the full list of independent sources confirming each event as they happen.
Log in to upgrade