CVE-2023-41717

MEDIUM

Zscaler Proxy <3.6.1.25 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-41717. PoCs published by federella.

AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-41717, demonstrating how local attackers can bypass Zscaler Proxy's file download restrictions by fragmenting HTTP requests using the Range header or BITS protocol. The included PowerShell script reconstructs the fragmented payloads to retrieve blocked password-protected archives.

Description

Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions.

Exploits (1)

nomisec WORKING POC 12 stars
by federella · poc
https://github.com/federella/CVE-2023-41717

This repository provides a functional proof-of-concept for CVE-2023-41717, demonstrating how local attackers can bypass Zscaler Proxy's file download restrictions by fragmenting HTTP requests using the Range header or BITS protocol. The included PowerShell script reconstructs the fragmented payloads to retrieve blocked password-protected archives.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Zscaler Proxy versions 3.6.1.25 and prior
No auth needed
Prerequisites: Access to a network with Zscaler Proxy · Ability to intercept/modify HTTP requests or use BITS protocol
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory
https://github.com/federella/CVE-2023-41717

Scores

CVSS v3 5.5
EPSS 0.0036
EPSS Percentile 28.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-552
Status published
Products (1)
zscaler/zscaler_proxy < 3.6.1.25
Published Aug 31, 2023
Tracked Since Feb 18, 2026