Description

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.
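As an added illustration (not Zabbix's code and not the patched plugin), the Go fragment below contrasts the flawed pattern the description names, caller-supplied smart.disk.get parameters spliced straight into the smartctl argv, with a hardened argument builder; the allowlist patterns, function names and the reliance on smartctl honouring "--" are assumptions.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed allowlists (assumption, not Zabbix's own): Unix block devices or
// Windows PhysicalDrive names, and plain smartctl -d types such as "sat" or "nvme".
var (
	devicePattern = regexp.MustCompile(`^(/dev/[A-Za-z0-9]+|\\\\\.\\PhysicalDrive[0-9]+)$`)
	typePattern   = regexp.MustCompile(`^[A-Za-z0-9]+(,[A-Za-z0-9]+)?$`)
)

// buildSmartctlArgsUnsafe shows the flawed pattern: the caller-supplied values are
// spliced straight into argv, so a value beginning with '-' is parsed as an option.
func buildSmartctlArgsUnsafe(device, devType string) []string {
	args := []string{"--all", "--json"}
	if devType != "" {
		args = append(args, "-d", devType)
	}
	return append(args, device)
}

// buildSmartctlArgs is the hardened form: both parameters must match an allowlist,
// anything starting with '-' is rejected, and "--" terminates option parsing
// (assumes smartctl's getopt-based parser honours "--") so the device name can
// never be interpreted as a flag.
func buildSmartctlArgs(device, devType string) ([]string, error) {
	if strings.HasPrefix(device, "-") || !devicePattern.MatchString(device) {
		return nil, fmt.Errorf("smart.disk.get: invalid device argument %q", device)
	}
	if devType != "" && (strings.HasPrefix(devType, "-") || !typePattern.MatchString(devType)) {
		return nil, fmt.Errorf("smart.disk.get: invalid device type %q", devType)
	}
	args := []string{"--all", "--json"}
	if devType != "" {
		args = append(args, "-d", devType)
	}
	return append(args, "--", device), nil
}

func main() {
	fmt.Println(buildSmartctlArgsUnsafe("--some-injected-option", "")) // option reaches smartctl
	fmt.Println(buildSmartctlArgs("/dev/sda", "sat"))                  // accepted, device after "--"
	fmt.Println(buildSmartctlArgs("--some-injected-option", ""))       // rejected with an error
}
```

The same shape of check belongs on any parameter an agent forwards to an external binary, since allowlisting the value is what prevents it from being reinterpreted as an option.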

Status: PUBLISHED | Reserved 2025-02-20 | Published 2025-09-12 | Updated 2025-09-12 | Assigner: Zabbix

Severity: MEDIUM 5.7 (CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)

Problem types

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Product status

Default status: unknown

6.0.0 (git): affected

7.0.0 (git): affected

7.2.0 (git): affected

Credits

Zabbix wants to thank kelsier for submitting this report on the HackerOne bug bounty platform. (Role: reporter)

References

support.zabbix.com/browse/ZBX-26987

cve.org (CVE-2025-27233)

nvd.nist.gov (CVE-2025-27233)