Exploit for Authentication Bypass by Spoofing in Zabbix CVE-2022-23131

Name: Exploit for Authentication Bypass by Spoofing in Zabbix CVE-2022-23131
Rating: 5 (278 reviews)

2023-01-07 | CVSS 5.1

## https://sploitus.com/exploit?id=007F0400-CE2C-5E60-9459-E910F38FF6CC
# cve-2022-23131
FOFA
>app="ZABBIX-监控系统" && body="saml"

运行
>python cve-2022-23131.py https://www.example.com Admin

利用exp生成signed_session，替换cookie，再点击 Sign in with Single Sign-On (SAML)
默认是Admin

(尊重尺度，后果自负)


萍水相逢，致敬不甘平凡的平凡人