CVSS: 9.8EPSS: 2%CPEs: 43EXPL: 2CVE-2014-3005
https://notcve.org/view.php?id=CVE-2014-3005
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. Vulnerabilidad XEE (XML External Entity) en Zabbix 1.8.x anteriores a 1.8.21rc1, 2.0.x anteriores a 2.0.13rc1, 2.2.x anteriores a 2.2.5rc1 y 2.3.x anteriores a 2.3.2 permite que los atacantes remotos lean archivos arbitrarios o puedan ejecutar código arbitrario mediante un DTD manipulado en una petición XML. • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134885.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134909.html http://seclists.org/fulldisclosure/2014/Jun/87 http://www.securityfocus.com/bid/68075 https://bugzilla.redhat.com/show_bug.cgi?id=1110496 https://support.zabbix.com/browse/ZBX-8151 https://web.archive.org/web/20140622034155/http://www.pnigos.com:80/?p=273 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 1CVE-2017-2825
https://notcve.org/view.php?id=CVE-2017-2825
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability. En la funcionalidad trapper de Zabbix Server 2.4.x, los paquetes trapper específicamente manipulados pueden pasar comprobaciones de lógica de base de datos, lo que resulta en escrituras en la base de datos. Un atacante puede establecer un servidor Man-in-the-Middle para alterar las peticiones trapper realizadas entre un proxy y un servidor Zabbix para desencadenar esta vulnerabilidad. • http://www.securityfocus.com/bid/98094 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0326 https://www.debian.org/security/2017/dsa-3937 •
CVSS: 8.1EPSS: 69%CPEs: 23EXPL: 1CVE-2017-2824
https://notcve.org/view.php?id=CVE-2017-2824
An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad trapper command de Zabbix Server versiones 2.4.X. Un conjunto de paquetes especialmente diseñado puede causar una inyección de comando resultando en la ejecución de código remota. • http://www.debian.org/security/2017/dsa-3937 http://www.securityfocus.com/bid/98083 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0325 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 1CVE-2016-10134 – Zabbix toggle_ids SQL Injection
https://notcve.org/view.php?id=CVE-2016-10134
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php. Vulnerabilidad de inyección SQL en Zabbix en versiones anteriores a 2.2.14 y 3.0 en versiones anteriores a 3.0.4 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro de array toggle_ids en latest.php. • http://www.debian.org/security/2017/dsa-3802 http://www.openwall.com/lists/oss-security/2017/01/12/4 http://www.openwall.com/lists/oss-security/2017/01/13/4 http://www.securityfocus.com/bid/95423 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850936 https://code610.blogspot.com/2017/10/zbx-11023-quick-autopsy.html https://support.zabbix.com/browse/ZBX-11023 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 2%CPEs: 33EXPL: 4CVE-2016-4338 – Zabbix Agent 3.0.1 - 'mysql.size' Shell Command Injection
https://notcve.org/view.php?id=CVE-2016-4338
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter. La secuencia de comandos de configuración de parámetros de usuario de mysql (userparameter_mysql.conf) en el agente en Zabbix en versiones anteriores a 2.0.18, 2.2.x en versiones anteriores a 2.2.13 y 3.0.x en versiones anteriores a 3.0.3, cuando se utiliza con un shell que no sea bash, permite a atacantes dependientes de contexto ejecutar código arbitrario o comandos SQL a través del parámetro mysql.size. Zabbix Agent version 3.0.1 suffers from a remote shell command injection vulnerability via mysql.size. • https://www.exploit-db.com/exploits/39769 http://packetstormsecurity.com/files/136898/Zabbix-Agent-3.0.1-mysql.size-Shell-Command-Injection.html http://seclists.org/fulldisclosure/2016/May/9 http://www.securityfocus.com/archive/1/538258/100/0/threaded http://www.securityfocus.com/bid/89631 https://security.gentoo.org/glsa/201612-42 https://support.zabbix.com/browse/ZBX-10741 https://www.zabbix.com/documentation/2.0/manual/introduction/whatsnew2018#miscellaneous_improvements https://www&# • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •