VYPR
Unrated severityCISA KEVNVD Advisory· Published Jan 13, 2022· Updated Oct 21, 2025

Possible view of the setup pages by unauthenticated users if config file already exists

CVE-2022-23134

Description

After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.