Security Advisory
CVE-2025-27234
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.