CVE-2025-27233 | Zabbix Agent 2 smartctl Plugin up to 6.0.39/7.0.10/7.2.4 Parameter smart.disk.get command injection (WID-SEC-2025-2042)

A vulnerability, which was classified as critical, was found in Zabbix Agent 2 smartctl Plugin up to 6.0.39/7.0.10/7.2.4. This vulnerability affects unknown code of the component Parameter Handler. The manipulation of the argument smart.disk.get results in command injection.

This vulnerability is identified as CVE-2025-27233. The attack can only be performed from the local network. There is not any exploit available.VulDB Recent EntriesRead More