Unrated severityNVD Advisory· Published Dec 18, 2023· Updated Nov 3, 2025

Code execution vulnerability in icmpping

CVE-2023-32727

Description

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Zabbix/Zabbixllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 4.0.0
osv-coords5 versions
pkg:rpm/opensuse/zabbix&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/zabbix&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/zabbix&distro=openSUSE%20Tumbleweed pkg:rpm/suse/zabbix&distro=SUSE%20Package%20Hub%2015%20SP4 pkg:rpm/suse/zabbix&distro=SUSE%20Package%20Hub%2015%20SP5
< 4.0.50-bp154.2.9.1+ 4 more
- (no CPE)range: < 4.0.50-bp154.2.9.1
- (no CPE)range: < 4.0.50-bp155.3.9.1
- (no CPE)range: < 6.0.25-1.1
- (no CPE)range: < 4.0.50-bp154.2.9.1
- (no CPE)range: < 4.0.50-bp155.3.9.1

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

Code execution vulnerability in icmpping

Description

AI Insight

Affected products

Patches

Vulnerability mechanics

References

News mentions