From the Zabbix admin panel, the user can execute pre-created scripts (by default, ping and traceroute).
After a script is executed, the event is recorded in the Audit Log. The event record includes a field holding the client IP. Because this field is not sanitized, it is open to SQL injection.
The script receives an admin session and sends a reverse shell.
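The unsanitized client IP field described above, shown as the vulnerable pattern beside a hardened one. This is an added example, not Zabbix code: the `auditlog` table, its columns, the function names and the use of SQLite are assumptions made so the snippet runs offline, and the input values are constructed.

```python
import ipaddress
import sqlite3

# Hypothetical, simplified audit table; not the real Zabbix schema.
SCHEMA = "CREATE TABLE auditlog (userid INTEGER, clientip TEXT, action TEXT)"

# Constructed inputs: a well-formed address and a value that escapes the string literal.
BENIGN = "192.0.2.10"
TAMPERED = "192.0.2.10', 'forged') --"


def new_db():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db


def log_unsafe(db, userid, clientip, action):
    """Vulnerable pattern: the client-supplied field is concatenated into the SQL text."""
    sql = ("INSERT INTO auditlog (userid, clientip, action) "
           f"VALUES ({userid}, '{clientip}', '{action}')")
    db.execute(sql)


def log_safe(db, userid, clientip, action):
    """Hardened pattern: validate the field as an IP address, then bind it as a parameter."""
    try:
        ip = str(ipaddress.ip_address(clientip))
    except ValueError:
        ip = "invalid"  # store a marker, never the raw rejected value
    db.execute("INSERT INTO auditlog (userid, clientip, action) VALUES (?, ?, ?)",
               (userid, ip, action))
    return ip


def rows(db):
    return db.execute("SELECT userid, clientip, action FROM auditlog").fetchall()


if __name__ == "__main__":
    for writer in (log_unsafe, log_safe):
        db = new_db()
        writer(db, 1, TAMPERED, "script_execute")
        print(writer.__name__, rows(db))
```

With the concatenated query the constructed value rewrites the `action` column of the stored row; with validation and parameter binding the same value is rejected and the row keeps the action the server intended.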