Public exploit available: public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2024-42327 — SQL Injection in Zabbix
Severity: 9.9 CRITICAL (NVD)
EPSS: 91.4% (top 0.34%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline: Published Nov 27; latest update Apr 16
Description
A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access, can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function; this function is called from the CUser.get function, which is available to every user who has API access.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Exploitability: 3.1 | Impact: 6.0
Affected Packages: 3 packages
Vulnerability Details (3)
GHSA: GHSA-gx59-7g62-6xhg (2024-11-27)
OSV: CVE-2024-42327 (2024-11-27)
Exploits & PoCs (1)
Detection Rules (1)
Vendor Advisories (1)
Debian: CVE-2024-42327: zabbix (2024)