Zabbix Agentd
by Zabbix
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49642 | Med | 0.38 | — | 0.00 | Dec 1, 2025 | Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory. | ||
| CVE-2025-27233 | Med | 0.37 | — | 0.00 | Sep 12, 2025 | Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system. | ||
| CVE-2026-23927 | Med | 0.33 | — | 0.00 | May 6, 2026 | A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session. | ||
| CVE-2008-1353 | 0.03 | — | 0.06 | Mar 17, 2008 | zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero. | |||
| CVE-2007-6210 | 0.03 | — | 0.01 | Dec 4, 2007 | zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges. | |||
| CVE-2026-23924 | 0.00 | — | 0.00 | Mar 24, 2026 | Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API. | |||
| CVE-2024-22121 | 0.00 | — | 0.00 | Aug 9, 2024 | A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application. | |||
| CVE-2023-32728 | 0.00 | — | 0.01 | Dec 18, 2023 | The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution. | |||
| CVE-2022-43516 | 0.00 | — | 0.01 | Dec 12, 2022 | A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI) | |||
| CVE-2022-22704 | 0.00 | — | 0.01 | Jan 6, 2022 | The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration. |
- risk 0.38cvss —epss 0.00
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory.
- risk 0.37cvss —epss 0.00
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.
- risk 0.33cvss —epss 0.00
A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session.
- CVE-2008-1353Mar 17, 2008risk 0.03cvss —epss 0.06
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
- CVE-2007-6210Dec 4, 2007risk 0.03cvss —epss 0.01
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
- CVE-2026-23924Mar 24, 2026risk 0.00cvss —epss 0.00
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API.
- CVE-2024-22121Aug 9, 2024risk 0.00cvss —epss 0.00
A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application.
- CVE-2023-32728Dec 18, 2023risk 0.00cvss —epss 0.01
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution.
- CVE-2022-43516Dec 12, 2022risk 0.00cvss —epss 0.01
A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
- CVE-2022-22704Jan 6, 2022risk 0.00cvss —epss 0.01
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.