Fluid Attacks Database

Description

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	zabbix	=1:6.0.14+dfsg-1 \|\| =1:6.0.23+dfsg-1 \|\| =1:6.0.23+dfsg-1~bpo12+1 \|\| =1:6.0.24+dfsg-1 \|\| =1:6.0.25+dfsg-1 \|\| =1:6.0.29+dfsg-1 \|\| =1:7.0.0+dfsg-1 \|\| =1:7.0.0+dfsg-2 \|\| =1:7.0.0+dfsg-2~bpo12+1 \|\| =1:7.0.1+dfsg-1 \|\| =1:7.0.1+dfsg-1~bpo12+1 \|\| =1:7.0.10+dfsg-1 \|\| =1:7.0.10+dfsg-2 \|\| =1:7.0.2+dfsg-1 \|\| =1:7.0.2+dfsg-1~bpo12+1 \|\| =1:7.0.22+dfsg-1 \|\| =1:7.0.22+dfsg-1~bpo13+1 \|\| =1:7.0.22+dfsg-1~deb13u1 \|\| =1:7.0.3+dfsg-1 \|\| =1:7.0.5+dfsg-1 \|\| =1:7.0.5+dfsg-1~bpo12+1 \|\| =1:7.0.6+dfsg-1 \|\| =1:7.0.9+dfsg-1 \|\| =1:7.0.9+dfsg-1~bpo12+1	-
debian 13	zabbix	=1:7.0.10+dfsg-2 \|\| =1:7.0.22+dfsg-1~bpo13+1 \|\| >=0 <1:7.0.22+dfsg-1~deb13u1	1:7.0.22+dfsg-1~deb13u1
debian 14	zabbix	=1:7.0.10+dfsg-2 \|\| =1:7.0.22+dfsg-1~bpo13+1 \|\| =1:7.0.22+dfsg-1~deb13u1 \|\| >=0 <1:7.0.22+dfsg-1	1:7.0.22+dfsg-1

Aliases

1. CVE-2025-272332. NVD-2025-272333. OSV-DEBIAN-2025-272334. OSV-2025-272335. SECURITY-TRACKER-CVE-2025-27233

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.