Zabbix: Critical server vulnerability wich allows to injection SQL into “clientip” and exploit time based blind SQL injection

In Zabbix version 6.0.0 – 7.0.0alpha1 a critical vulnerability CVE-2024-22120 was detected. This vulnerability allows the attacker to perform command execution for configured scripts. After it is possible to inject SQL into “clientip” and exploit time based blind SQL injection. To address this issue, users are advised to upgrade to the version 7.0.0 beta1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-22120/.