Description
The Zabbix frontend's XML data import feature parsed the uploaded XML on the server with PHP's DOMDocument. By default, DOMDocument also loads the external DTD referenced by the document, so a remote attacker could supply a crafted XML file that causes Zabbix to read an arbitrary local file and send the contents of that file to a remote server (an XML External Entity, XXE, issue).
Affected versions: 1.8.19, 1.8.20, 2.0.9, 2.0.10, 2.0.11rc2, 2.0.11, 2.2.2, 2.2.3rc1, 2.2.3rc2, 2.2.3
Remediation
Upgrade to the latest version of Zabbix (this issue was fixed in version 2.3.2).
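A hardened way to parse an untrusted import file with DOMDocument, as an added example that is not Zabbix's own code: it refuses any DOCTYPE up front, turns off the external entity loader on libxml builds that enable it by default, and never passes the flags that would substitute entities or fetch a DTD. It assumes PHP 7.4+ with the dom and libxml extensions; the function name loadImportXml and the sample document are constructed.

```php
<?php
// Added example, not Zabbix's own code: parse an untrusted XML import with
// DOMDocument without fetching external DTDs or expanding external entities.
// Assumes PHP 7.4+ with ext-dom and ext-libxml; loadImportXml is a constructed name.
function loadImportXml(string $xml): DOMDocument
{
    // An import file never needs a DTD, so refuse any document that declares one
    // before the parser sees it (covers internal and external subsets alike).
    if (preg_match('/<!DOCTYPE\b/i', $xml) === 1) {
        throw new InvalidArgumentException('DOCTYPE declarations are not accepted in import files');
    }
    // On libxml < 2.9 (PHP < 8.0) the external entity loader is on by default,
    // so switch it off; PHP 8 deprecates the call because libxml 2.9+ already
    // refuses external loading unless explicitly asked.
    $previousLoader = null;
    if (PHP_VERSION_ID < 80000) {
        $previousLoader = libxml_disable_entity_loader(true);
    }
    $previousErrors = libxml_use_internal_errors(true);
    try {
        $doc = new DOMDocument('1.0', 'UTF-8');
        // LIBXML_NONET forbids network access during parsing. LIBXML_NOENT and
        // LIBXML_DTDLOAD are deliberately absent: entities are not substituted
        // and an external DTD is never fetched.
        if ($doc->loadXML($xml, LIBXML_NONET) === false) {
            $messages = array_map(fn(LibXMLError $e) => trim($e->message), libxml_get_errors());
            libxml_clear_errors();
            throw new RuntimeException('Malformed XML: ' . implode('; ', $messages));
        }
        // Belt and braces: the parsed tree must carry no DTD either.
        if ($doc->doctype !== null) {
            throw new InvalidArgumentException('Unexpected DTD in import file');
        }
        return $doc;
    } finally {
        libxml_use_internal_errors($previousErrors);
        if ($previousLoader !== null) {
            libxml_disable_entity_loader($previousLoader);
        }
    }
}

// Constructed sample input: a minimal export document with no DTD is accepted,
// while any document carrying a DOCTYPE is rejected before DOMDocument parses it.
$sample = '<?xml version="1.0"?><zabbix_export><version>2.0</version></zabbix_export>';
echo loadImportXml($sample)->documentElement->tagName, PHP_EOL;
try {
    loadImportXml('<!DOCTYPE zabbix_export><zabbix_export/>');
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), PHP_EOL;
}
```

The DOCTYPE pre-check is the part that matters on an older libxml: once the parser has resolved an external subset, the file contents are already in memory, so the check has to run before loadXML, not after.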