CVE-2024-36465

HIGH

Zabbix 7.0.0-7.0.6 - Authenticated SQL Injection via groupBy Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-36465. PoCs published by milo2012.

AI-analyzed exploit summary: The repository contains a functional exploit for CVE-2024-36465, demonstrating SQL injection in Zabbix's API via the 'groupBy' parameter in the 'action.get' method. The exploit authenticates, injects SQL payloads, and extracts user credentials from the database.

Description

A low-privilege (regular) Zabbix user with API access can exploit a SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

Exploits (1)

GitHub · WORKING POC
by milo2012 · Python PoC
https://github.com/milo2012/CVE-PoCs/tree/main/CVE-2024-36465.py


Classification
Working PoC 95%
Attack Type
SQLi
Complexity
Moderate
Reliability
Reliable
Target: Zabbix (likely 7.0.4 or similar versions)
Auth required
Prerequisites: valid Zabbix credentials · network access to the Zabbix API endpoint
devstral-2 · analyzed Feb 27, 2026

References (1)


Scores

CVSS v3 8.8
EPSS 0.2124
EPSS Percentile 97.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (2)
zabbix/zabbix 7.0.8 rc1
zabbix/zabbix 7.0.0 - 7.0.7
Published Apr 02, 2025
Tracked Since Feb 18, 2026