CVE-2025-27233

🗓️ 12 Sep 2025 10:32:36Reported by ZabbixType

CVE-2025-27233: Zabbix Agent 2 smartctl plugin allows argument injection in smart.disk.get, leaking windows hash.

Reporter	Title	Published	Views	Family All 17
AlpineLinux	CVE-2025-27233	12 Sep 202511:15	–	alpinelinux
Circl	CVE-2025-27233	12 Sep 202514:53	–	circl
CNNVD	Zabbix 安全漏洞	12 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-27233 Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.	12 Sep 202510:32	–	cvelist
Debian CVE	CVE-2025-27233	12 Sep 202510:32	–	debiancve
EUVD	EUVD-2025-29035	3 Oct 202520:07	–	euvd
NVD	CVE-2025-27233	12 Sep 202511:15	–	nvd
OSV	DEBIAN-CVE-2025-27233	12 Sep 202511:15	–	osv
OSV	UBUNTU-CVE-2025-27233	12 Sep 202511:15	–	osv
Positive Technologies	PT-2025-37303	1 Jan 202500:00	–	ptsecurity

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "Agent2 plugin"
    ],
    "product": "Zabbix",
    "repo": "https://git.zabbix.com/",
    "vendor": "Zabbix",
    "versions": [
      {
        "changes": [
          {
            "at": "6.0.40",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.0.39",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "7.0.11",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.0.10",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "7.2.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.2.4",
        "status": "affected",
        "version": "7.2.0",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
support	www.support.zabbix.com/browse/ZBX-26987

15 Apr 2026 00:35Current

6.4Medium risk

Vulners AI Score6.4

CVSS 45.7

EPSS0.00039

SSVC

CWE-77