CVE-2025-27233
5.7
CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zabbix | Zabbix | 6.0.0 <= 6.0.39 | affected |
| Zabbix | Zabbix | 7.0.0 <= 7.0.10 | affected |
| Zabbix | Zabbix | 7.2.0 <= 7.2.4 | affected |
Weaknesses
- CWE-77: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
Workarounds
Remove smartctl or use strict item key parameter validation with AllowKey/DenyKey.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.