add: Zabbix(CVE-2022-23134)

2025-05-05 10:16:59 +00:00 · 2022-03-18 18:25:33 +08:00 · 2022-03-18 18:25:33 +08:00 · 9924ac1dae
commit 9924ac1dae
parent 5cbb8690f3
2 changed files with 9 additions and 0 deletions
--- a/Zabbix/CVE-2022-23134/README.md
+++ b/Zabbix/CVE-2022-23134/README.md
@ -0,0 +1,9 @@
+# Zabbix Setup Configuration Unauthenticated Access (CVE-2022-23134)
+
+Zabbix is an open source monitoring system. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
+
+FOFA **query rule**: [banner="zbx_session=" || header="zbx_session="](https://fofapro.com/result?qbase64=YmFubmVyPSJ6Ynhfc2Vzc2lvbj0iIHx8IGhlYWRlcj0iemJ4X3Nlc3Npb249Ig%3D%3D)
+
+# Demo
+
+![Zabbix_Setup_Configuration_Unauthenticated_Access_CVE_2022_23134](Zabbix_Setup_Configuration_Unauthenticated_Access_CVE_2022_23134.gif)
--- a/Zabbix/CVE-2022-23134/Zabbix_Setup_Configuration_Unauthenticated_Access_CVE_2022_23134.gif
+++ b/Zabbix/CVE-2022-23134/Zabbix_Setup_Configuration_Unauthenticated_Access_CVE_2022_23134.gif