Lucene search
+L

34 matches found

NVD
NVD
added 2025/09/12 11:15 a.m.12 views

CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS0.0016EPSS
Exploits0References1
NVD
NVD
added 2025/09/12 11:15 a.m.14 views

CVE-2025-27234

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution...

7.3CVSS0.00291EPSS
Exploits0References2
OSV
OSV
added 2025/09/12 11:15 a.m.2 views

CVE-2025-27234

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution...

8.1AI score
Exploits0References1
OSV
OSV
added 2025/09/12 11:15 a.m.5 views

CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

6.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/12 10:32 a.m.4 views

CVE-2025-27233 Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS6.4AI score0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/12 10:32 a.m.14 views

CVE-2025-27233 Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS0.0016EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/09/12 10:32 a.m.42 views

CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS5.2AI score0.0016EPSS
Exploits0
CVE
CVE
added 2025/09/12 10:31 a.m.34 views

CVE-2025-27234

The CVE-2025-27234 entry describes a vulnerability in the Zabbix Agent 2 smartctl plugin where improper sanitization of smart.disk.get parameters allows an attacker to inject arguments into smartctl, leading to remote code execution in Zabbix 5.0. Connected sources (Debian DLA-4473-1, Debian/Ness...

7.3CVSS7.7AI score0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2025-37304

Name of the Vulnerable Software and Affected Versions: Zabbix Agent 2 versions 5.0 and earlier Description: The Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, potentially allowing an attacker to inject unexpected arguments into the smartctl command. This can...

7.7CVSS5.8AI score0.00291EPSS
Exploits0References15
OSV
OSV
added 2023/12/18 10:15 a.m.5 views

DEBIAN-CVE-2023-32728

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...

9.8CVSS6.8AI score0.00753EPSS
Exploits0References1
OSV
OSV
added 2023/12/18 10:15 a.m.19 views

UBUNTU-CVE-2023-32728

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...

9.8CVSS6.1AI score0.00753EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.9 views

Zabbix Security Vulnerabilities

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix Agent2 that stems from the presence of a remote code execution vulnerability. Affected products...

9.8CVSS8AI score0.00753EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.5 views

PT-2023-8850 · Zabbix +4 · Zabbix Agent 2 +5

Name of the Vulnerable Software and Affected Versions: Zabbix Agent 2 affected versions not specified Description: The issue is related to the Zabbix Agent 2 item key smart.disk.get not sanitizing its parameters before passing them to a shell command, which could lead to remote code execution. Th...

10CVSS7.6AI score0.00873EPSS
Exploits1References39
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.7 views

Zabbix Code Injection Vulnerability

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in the Zabbix plugin Agent 2, which stems from the fact that Agent 2 packages are built using a version ...

9.8CVSS6.8AI score0.02281EPSS
Exploits0References2
Rows per page
Query Builder