Vulnerability Details : CVE-2016-10134
Public exploit exists!
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
Vulnerability category: Sql Injection
Exploit prediction scoring system (EPSS) score for CVE-2016-10134
Probability of exploitation activity in the next 30 days: 5.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2016-10134
-
Zabbix toggle_ids SQL Injection
Disclosure Date: 2016-08-11First seen: 2020-04-26auxiliary/gather/zabbix_toggleids_sqliThis module will exploit a SQL injection in Zabbix 3.0.3 and likely prior in order to save the current usernames and password hashes from the database to a JSON file. Authors: - 1n3 <1n3@hushmail.com> - bperry
CVSS scores for CVE-2016-10134
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-10134
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10134
-
http://www.securityfocus.com/bid/95423
Zabbix CVE-2016-10134 SQL Injection VulnerabilityThird Party Advisory;VDB Entry
-
https://support.zabbix.com/browse/ZBX-11023
[ZBX-11023] SQL injection vulnerabilities in "Latest data" - ZABBIX SUPPORTExploit;Patch;Vendor Advisory
-
https://code610.blogspot.com/2017/10/zbx-11023-quick-autopsy.html
code16: ZBX-11023 quick autopsy
-
http://www.openwall.com/lists/oss-security/2017/01/13/4
oss-security - Re: CVE Request: Zabbix: SQL injection vulnerabilities in "Latest data"Mailing List;Third Party Advisory
-
http://www.debian.org/security/2017/dsa-3802
Debian -- Security Information -- DSA-3802-1 zabbix
-
http://www.openwall.com/lists/oss-security/2017/01/12/4
oss-security - CVE Request: Zabbix: SQL injection vulnerabilities in "Latest data"Mailing List;Third Party Advisory
-
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850936
#850936 - zabbix: CVE-2016-10134: SQL injection vulnerabilities in Latest data - Debian Bug report logsThird Party Advisory
Products affected by CVE-2016-10134
- cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:3.0.1:*:*:*:*:*:*:*