CRITICAL🇵🇱 Wersja polska

CVE-2024-22116

CVSS 9.9v3.1pub. 2024-08-12upd. 2025-11-03

An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure.

🤖 AI Analysis
How it works

The script execution functionality in the Monitoring Hosts section does not apply default escaping of parameters passed to scripts. A logged-in administrator with limited privileges can modify the Ping script parameters in such a way as to inject and execute arbitrary system commands (command injection). The lack of input data sanitization allows passing a malicious payload, which is subsequently interpreted and executed by the system.

Impact

An attacker can execute arbitrary code on the Zabbix server, leading to complete system compromise — loss of confidentiality, integrity and availability of data and the entire monitored infrastructure.

Mitigation & patch

Security patches provided by the vendor should be applied according to the references. Users of Debian distributions should check security updates announced on the debian-lts-announce mailing list (October 2024). It is also recommended to limit the number of accounts with administrative privileges to the minimum necessary.

Who is affected

Zabbix — versions indicated in vendor references (details: https://support.zabbix.com/browse/ZBX-25016)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Zabbix

    APP
    Zabbix
    7.0.06.4.9 – 6.4.15
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-23131CRITICAL9.1⚠ KEVten sam produkt

In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modif...

CVE-2024-42327CRITICAL9.9PL ✓ten sam produkt

SQL Injection w Zabbix – podatność w klasie CUser umożliwia eskalację uprawnień

CVE-2024-42330CRITICAL9.1PL ✓ten sam produkt

Zabbix: niekodowane nagłówki HTTP umożliwiają dostęp do ukrytych właściwości obiektów

CVE-2024-36461CRITICAL9.1PL ✓ten sam produkt

Zabbix: modyfikacja wskaźników pamięci w silniku JavaScript (RCE/DoS)

CVE-2024-22120CRITICAL9.1PL ✓ten sam produkt

Zabbix Server — time-based blind SQL injection przez pole clientip