VYPR
Unrated severityNVD Advisory· Published Aug 9, 2024· Updated Nov 3, 2025

AT(GSM) Command Injection

CVE-2024-22122

Description

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zabbix/Zabbixllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 5.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.