CVE-2025-27233: Command Injection in Zabbix

CWE-77: Command Injection (5 documents, 5 sources)

Severity: 5.7 MEDIUM (NVD)
EPSS: 0.0% (top 89.79%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: (none listed)
Timeline: Published Sep 12

Description

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages (2 packages)

Debian: zabbix/zabbix < 1:7.0.22+dfsg-1~deb13u1 (+1)
CVEListV5: zabbix/zabbix 6.0.0 to 6.0.39 (+2)

Vulnerability Details (3)

CVEList: Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later. (2025-09-12)
OSV: CVE-2025-27233: Zabbix Agent 2 smartctl plugin does not properly sanitize smart... (2025-09-12)
GHSA: GHSA-hh74-wwvh-3g5f: Zabbix Agent 2 smartctl plugin does not properly sanitize smart... (2025-09-12)

Vendor Advisories (1)

Debian: CVE-2025-27233: zabbix - Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get paramet... (2025)