3 matches found
CVE-2025-27234 Zabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0.
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution...
CVE-2021-46088
Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution RCE. Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user...
CVE-2013-7484
Zabbix before 5.0 represents passwords in the users table with unsalted MD5...