Vulnerabilities

CVE-2025-27233

by Fred · 12/09/2025

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.

More information : https://support.zabbix.com/browse/ZBX-26987

Similar

Tags: Cybersecurity Alert