This repository is to provide a write-up and PoC for CVE-2023-41717.
CVE-2023-41717 Inappropriate file type control in Zscaler Proxy versions 36125 and prior allows local attackers to bypass file download/upload restrictions Executive Summary During the summer of 2022, I have found a vulnerability affecting the ZScaler proxy (versions 36125 and prior) This vulnerability would allow local attackers to bypass the restriction on downloads/u