关联漏洞
标题:
Zabbix 安全漏洞
(CVE-2022-23131)
描述:Zabbix是拉脱维亚Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix 存在安全漏洞,该漏洞源于在启用 SAML SSO 身份验证(非默认)的情况下,恶意行为者可以修改会话数据,因为存储在会话中的用户登录未经过验证。 未经身份验证的恶意攻击者可能会利用此问题来提升权限并获得对 Zabbix 前端的管理员访问权限。
描述
Zabbix Frontend Authentication Bypass Vulnerability
介绍
# CVE-2022-23131
Zabbix Frontend Authentication Bypass Vulnerability
## Description
This script is an exploit for **CVE-2022-23131**, a vulnerability in the Zabbix SSO (Single Sign-On) mechanism. The vulnerability allows an attacker to bypass authentication via a specially crafted `zbx_session` cookie, giving unauthorized access to the Zabbix dashboard.
Zabbix versions 5.4.0 through 5.4.8 and 6.0.0alpha2 through 6.0.0rc1 are vulnerable.
## Usage
This script checks if a target is vulnerable to **CVE-2022-23131** and retrieves the `zbx_session` cookie for further use.
To successfully run this script you will need a valid username of Zabbix user.
### How to Run the Exploit
1. Clone the repository to your local machine:
```bash
git clone https://github.com/davidzzo23/cve-2022-23131.git
cd cve-2022-23131-exploit
```
2. Run the script with the following command:
```bash
python3 CVE-2022-23131.py <target_url> <username>
```
3. Example usage:
```bash
python3 exploit.py https://192.168.210.13 admin
```
4. Copy and paste the cookie value into the "zbx_session" Cookie and refresh the page to get authenticated as the specified user.
## Disclaimer
This script is intended for educational purposes only. Unauthorized use of this exploit on systems without permission is illegal. The author is not responsible for any misuse or damages caused by this exploit.
文件快照
[4.0K] /data/pocs/69ebc07f1c0af5dde14947ac4699d48e73abfa27
├── [3.0K] CVE-2022-23131.py
└── [1.4K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。