Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Zabbix Server Security Vulnerabilities

cve
cve

CVE-2017-2824

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerabilit...

8.1CVSS

8.4AI Score

0.695EPSS

2017-05-24 02:29 PM
76
2
cve
cve

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

9.6CVSS

8.5AI Score

0.001EPSS

2023-12-18 10:15 AM
53
cve
cve

CVE-2023-32727

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

7.2CVSS

7.5AI Score

0.002EPSS

2023-12-18 10:15 AM
38