Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-22120 PoC — Zabbix 安全漏洞

Source
https://github.com/g4nkd/CVE-2024-22120-RCE-with-gopher
Associated Vulnerability
Title:Zabbix 安全漏洞 (CVE-2024-22120)
Description:Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞,该漏洞源于对字段未进行有效清理,导致基于时间的盲SQL注入。
Description
This is my exploit for CVE-2024-22120, which involves an SSRF vulnerability inside an XXE with a Gopher payload.
Readme
This is my exploit for CVE-2024-22120, which involves an SSRF vulnerability inside an XXE with a Gopher payload. The script results in a reverse shell by default.
File Snapshot

 [4.0K]  /data/pocs/4ebd195e319392e74cbbf23e562dd1c7743c8ce5
├── [6.1K]  exploit.py
└── [ 163]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.