Zabbix Agent 2 smtctl Plugin: Param Injection Leaks NTLMv2
CVE-2025-27233 Published on September 12, 2025
Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later.
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.
Weakness Type
What is a Command Injection Vulnerability?
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CVE-2025-27233 has been classified to as a Command Injection vulnerability or weakness.
Products Associated with CVE-2025-27233
stack.watch emails you whenever new vulnerabilities are published in Zabbix or Zabbix Agent2. Just hit a watch button to start following.
Affected Versions
Zabbix:- Version 6.0.0, <= 6.0.39 is affected.
- Version 7.0.0, <= 7.0.10 is affected.
- Version 7.2.0, <= 7.2.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.