Zabbix Agent 2
cpe:2.3:a:zabbix:zabbix-agent2:*:*:*:*:*:*:*
- >= 6.0.0, <= 6.0.43
- >= 7.0.0, <= 7.0.22
- >= 7.4.0, <= 7.4.6
A vulnerability exists in the Zabbix Agent 2 Docker plugin, in versions from 6.0.0 before 6.0.44, from 7.0.0 before 7.0.23, and from 7.4.0 before 7.4.7. The plugin fails to properly sanitize the 'docker.container_info' parameters before forwarding them to the Docker daemon. This lack of validation allows an attacker who can invoke Agent 2 to read arbitrary files from running Docker containers by injecting requests through the Docker archive API.
Exploitation of this vulnerability allows for arbitrary file read from Docker containers, potentially leading to exposure of sensitive information or files on the host system.
Users can update to Zabbix Agent 2 versions 6.0.44, 7.0.23, or 7.4.7 to address this vulnerability.
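To triage a fleet against the ranges above, the following added example (not part of the advisory or of Zabbix) classifies Agent 2 versions from an inventory list. The inventory format, host names and the `classify`/`triage` helpers are assumptions made for illustration; the sample data is constructed.

```python
import re

# Affected ranges and fixed releases, copied from the advisory text above.
AFFECTED = [
    ((6, 0, 0), (6, 0, 43), "6.0.44"),
    ((7, 0, 0), (7, 0, 22), "7.0.23"),
    ((7, 4, 0), (7, 4, 6), "7.4.7"),
]

def classify(version_text):
    """Return (status, fixed_release) for one Agent 2 version string.

    status is 'affected', 'fixed', 'not-listed' (branch not covered by the
    advisory, so no conclusion is drawn) or 'unknown' (unparseable, e.g. a
    pre-release tag such as rc2 that needs manual review).
    """
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", version_text.strip())
    if m is None:
        return ("unknown", None)
    v = tuple(int(g) for g in m.groups())
    for low, high, fixed in AFFECTED:
        if low <= v <= high:
            return ("affected", fixed)
        if v[:2] == low[:2] and v > high:
            return ("fixed", None)
    return ("not-listed", None)

def triage(inventory_lines):
    """Map host -> classification for lines of the form '<host> <version>'."""
    result = {}
    for line in inventory_lines:
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        version = fields[1] if len(fields) > 1 else ""
        result[fields[0]] = classify(version)
    return result

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = """\
# host agent2-version
mon-a 6.0.43
mon-b 6.0.44
mon-c 7.0.22
mon-d 7.2.5
mon-e 7.4.7
mon-f 7.4.0rc2
""".splitlines()

if __name__ == "__main__":
    for host, (status, fixed) in triage(SAMPLE).items():
        print(host, status, f"-> upgrade to {fixed}" if fixed else "")
```

A `not-listed` result means the advisory makes no statement about that release branch; it is not a confirmation that the host is unaffected.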