Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zabbix 安全漏洞
Vulnerability Description
Zabbix是拉脱维亚Zabbix SIA公司的一套开源的监控系统。该系统可监视各种网络参数,并提供通知机制让系统管理员快速定位、解决存在的各种问题。 Zabbix中存在XML外部实体注入漏洞。远程攻击者可借助XML请求中特制的DTD利用该漏洞读取任意文件或可能执行任意代码。以下版本受到影响:Zabbix 1.8.21rc1之前的1.8.x版本,2.0.13rc1之前的2.0.x版本,2.2.5rc1之前的2.2.x版本,2.3.2之前的2.3.x版本。
CVSS Information
N/A
Vulnerability Type
N/A