Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zabbix Server 安全漏洞
Vulnerability Description
Zabbix Server是拉脱维亚Zabbix SIA公司的一套应用于服务器端的开源的监控系统。该系统可监视各种网络参数,并提供通知机制让系统管理员快速定位、解决存在的各种问题。 Zabbix Server 2.4.x版本中的trapper功能存在安全漏洞。远程攻击者可借助特制的trapper数据包,通过实施中间人攻击利用该漏洞向数据库中写入任意数据。
CVSS Information
N/A
Vulnerability Type
N/A