The host is installed with Cacti 1.2.6 and is prone to an insecure direct object reference vulnerability. A flaw is present in the application, which fails to properly handle a modified local_graph_id parameter. Successful exploitation allows an attacker to access sensitive information or perform unauthorized actions by manipulating object references.