18 matches found
Astra Linux – Vulnerability in Zabbix
The Zabbix Agent 2 item key “smart.disk.get” does not sanitize its parameters before passing them to a shell command, which may lead to a vulnerability for remote code execution...
CVE-2025-27234
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via improper sanitization of parameters in the smart.disk.get process. An attacker can inject arbitrary arguments into the smartctl command by supplying crafted input, potentially leading to the exposure of...
CVE-2025-27233
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
CVE-2025-27234
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution...
DEBIAN-CVE-2025-27233
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
CVE-2025-27233
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
UBUNTU-CVE-2025-27233
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
CVE-2025-27233 Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
CVE-2025-27233 Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...
CVE-2025-27234
The CVE-2025-27234 entry describes a vulnerability in the Zabbix Agent 2 smartctl plugin where improper sanitization of smart.disk.get parameters allows an attacker to inject arguments into smartctl, leading to remote code execution in Zabbix 5.0. Connected sources (Debian DLA-4473-1, Debian/Ness...
Zabbix 安全漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix that stems from not properly cleaning up the smart.disk.get parameter, which could lead to the...
Zabbix 安全漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix version 5.0 that stems from not properly cleaning the smart.disk.get parameter, which could le...
The vulnerability of the smart.disk.get component in the universal monitoring system Zabbix allows a attacker to execute arbitrary code.
The vulnerability of the smart.disk.get component in the universal monitoring system of Zabbix is related to the introduction of malicious code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
SUSE CVE-2023-32728
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...
DEBIAN-CVE-2023-32728
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...
UBUNTU-CVE-2023-32728
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...
PT-2023-8850 · Zabbix +4 · Zabbix Agent 2 +5
Name of the Vulnerable Software and Affected Versions: Zabbix Agent 2 affected versions not specified Description: The issue is related to the Zabbix Agent 2 item key smart.disk.get not sanitizing its parameters before passing them to a shell command, which could lead to remote code execution. Th...