RCE in Zabbix
CVE-2025-27233
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.002 (5.6th percentile) — read the EPSS interpretation.
Affected products
- Zabbix — versions 6.0.0, 7.0.0, 7.2.0