Zabbix Agent 2
cpe:2.3:a:zabbix:zabbix-agent2:*:*:*:*:*:*:*
- >= 5.0.0, <= 5.0.46
A remote code execution vulnerability exists in the smartctl plugin of Zabbix Agent 2 in the 5.0 branch (5.0.0 through 5.0.46). The plugin does not properly sanitize the parameters of the 'smart.disk.get' item key, so an attacker who can query the agent can inject unexpected arguments into the plugin's call, and those arguments can lead to code execution.
Successful exploitation results in remote code execution on the host where Zabbix Agent 2 is running.
To reproduce this vulnerability, an attacker can send a request to the Zabbix Agent 2 to monitor a metric using the 'smart.disk.get' item key. The request should include malicious arguments that take advantage of the plugin's lack of input validation, injecting unexpected commands to be executed.
Users should update to Zabbix Agent 2 version 5.0.47 or later, where this vulnerability is fixed. As an interim measure, the smartctl plugin can be removed, or the agent can be configured to restrict which item keys (and which parameters) it will execute.
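The interim restriction described above, written as an added zabbix_agent2.conf fragment (this is an editor's example, not configuration from the page or from the Zabbix project). It assumes the agent is a version that understands the AllowKey/DenyKey directives, which Zabbix documents for Agent 2 from 5.0.2 onward, and that blocking the vulnerable item key until the upgrade to 5.0.47 is acceptable for the monitored host; the device path is a constructed placeholder.

```ini
# zabbix_agent2.conf excerpt (added example, not the project's own file)
#
# AllowKey/DenyKey rules are evaluated in order; the first match wins and
# any key that matches no rule is allowed. Placing the DenyKey for the
# vulnerable item before the catch-all keeps every other key working.

# Optional: permit a single, fully specified invocation so existing
# dashboards for that disk keep working. The device path is a placeholder;
# only list devices you actually monitor, and only if the parameter
# is a fixed literal you control.
AllowKey=smart.disk.get[/dev/sda]

# Block every other smart.disk.get invocation, including any with attacker
# supplied parameters, until the agent is upgraded to 5.0.47 or later.
DenyKey=smart.disk.get[*]

# Leave remaining keys unaffected (explicit for readability; this is also
# the default behaviour when no rule matches).
AllowKey=*
```

After editing the file, restart the agent and confirm the rule is active by requesting the key from a trusted host with zabbix_get: a blocked key returns an "Unsupported item key" style response rather than smartctl output. Removing the AllowKey line for the specific device yields a stricter configuration that refuses the item entirely; the upgrade remains the actual fix.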