CVSSv3: 9.9

CVE-2024-42327

Published: 27/11/2024 Updated: 27/11/2024

Vulnerability Summary

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access, can exploit this vulnerability. An SQL injection exists in the addRelatedObjects function of the CUser class; that function is called from CUser.get (the user.get API method), which is available to every user who has API access. The injected input is the list of role fields requested through the selectRole option, which is concatenated into a SELECT statement without validation (see the PoC excerpt under Github Repositories).

Vendor Advisories

Debian Bug report logs - #1088689 zabbix: CVE-2024-36464 CVE-2024-36467 CVE-2024-36468 CVE-2024-42326 CVE-2024-42327 CVE-2024-42328 CVE-2024-42329 CVE-2024-42330 CVE-2024-42331 CVE-2024-42332 CVE-2024-42333 Package: src:zabbix; Maintainer for src:zabbix is Dmitry Smirnov <onlyjob@debian.org>; Reported by: Moritz Mühlenhoff & ...

Github Repositories

CVE-2024-42327: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

CVE-2024-42327_Zabbix_SQLI: POC for CVE-2024-42327, an authenticated SQL Injection in Zabbix through the user.get API method

CVE-2024-42327: PoC for CVE-2024-42327 / ZBX-25623. Disclaimer: This script is provided for educational purposes only! Proof-of-Concept: The following code from version 6.0.31 is vulnerable to SQLi:

$db_roles = DBselect( 'SELECT u.userid'.($options['selectRole'] ? ',r.'.implode(',r.', $options['selectRole']) : '')

cve-2024-42327: ZBX-25623
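The following is an added illustration of the bug class behind the Vulnerability Summary and the PoC excerpt above: a caller-supplied list of output field names is prefixed with "r." and joined straight into the column list of a SELECT, which is the implode() pattern shown from CUser::addRelatedObjects. It is not Zabbix code and not the code of any of the PoC repositories listed; the Python port of the string building, the trimmed users/role/sessions schema, the FROM/WHERE clauses around the excerpt, and the allowlist-based hardened builder are all assumptions constructed for the demonstration. It runs against an in-memory SQLite database, so it needs nothing from a Zabbix installation.

```python
"""
Added illustration of the CVE-2024-42327 bug class (CWE-89 via an unvalidated
field list). NOT Zabbix code: schema, surrounding SQL and the hardened variant
are constructed for this example.
"""
import re
import sqlite3

# Constructed schema: a trimmed users/role pair plus an unrelated table whose
# contents a non-admin API user should never be able to read.
SCHEMA = """
CREATE TABLE users (userid INTEGER PRIMARY KEY, username TEXT, roleid INTEGER);
CREATE TABLE role  (roleid INTEGER PRIMARY KEY, name TEXT, type INTEGER, readonly INTEGER);
CREATE TABLE sessions (sessionid TEXT, userid INTEGER);
INSERT INTO role VALUES (1, 'User', 1, 0), (3, 'Super admin role', 3, 1);
INSERT INTO users VALUES (1, 'Admin', 3), (2, 'guest', 1);
INSERT INTO sessions VALUES ('0123456789abcdef0123456789abcdef', 1);
"""

# Assumed allowlist: the role columns a caller may legitimately ask for.
ROLE_FIELDS = ("roleid", "name", "type", "readonly")
IDENTIFIER = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def role_query_vulnerable(select_role, user_ids):
    """Builds the SELECT the way the vulnerable excerpt does: every entry of
    select_role is prefixed with 'r.' and joined into the column list with no
    check that it is actually a column name."""
    cols = "SELECT u.userid" + (",r." + ",r.".join(select_role) if select_role else "")
    # The FROM/WHERE part is an assumption for this example, not the page's code.
    ids = ",".join(str(int(i)) for i in user_ids)  # ids are cast to int, so this part is safe
    return cols + " FROM users u,role r WHERE u.roleid=r.roleid AND u.userid IN (" + ids + ")"


def role_query_hardened(select_role, user_ids):
    """Same query, but each requested field must be a bare identifier that is
    in the allowlist of role columns. Column names cannot be bound as query
    parameters, so allowlisting is the appropriate defence for this input."""
    for field in select_role:
        if not IDENTIFIER.match(field) or field not in ROLE_FIELDS:
            raise ValueError(f"invalid role field: {field!r}")
    return role_query_vulnerable(select_role, user_ids)


def fetch(conn, sql):
    return conn.execute(sql).fetchall()


def demo():
    conn = open_db()
    # Legitimate use: selectRole=['name'] returns the role name for user 2.
    benign = fetch(conn, role_query_vulnerable(["name"], [2]))
    # Abuse: one "field name" smuggles a subquery into the column list, so the
    # result row carries data from an unrelated table (here a session id).
    payload = "name,(SELECT sessionid FROM sessions WHERE userid=1) AS leaked"
    leaked = fetch(conn, role_query_vulnerable([payload], [2]))
    # The hardened builder rejects the same payload before any SQL is run.
    try:
        role_query_hardened([payload], [2])
        rejected = False
    except ValueError:
        rejected = True
    return benign, leaked, rejected


if __name__ == "__main__":
    print(demo())
```

The point of the hardened builder is that a field list is an identifier list, not a value: it cannot be passed as a bound parameter, so the only sound defence is to accept nothing but known column names before the string is assembled.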

Recent Articles

Zabbix urges upgrades after critical SQL injection bug disclosure
The Register

US agencies blasted 'unforgivable' SQLi flaws earlier this year

Open-source enterprise network and application monitoring provider Zabbix is warning customers of a new critical vulnerability that could lead to full system compromise. Tracked as CVE-2024-42327, the SQL injection bug scored a near-perfect 9.9 when assessed using the Common Vulnerability Scoring System (CVSSv3) and can be exploited by users with API access. The project's description of the vulnerability explained: "A non-admin user account on the Zabbix frontend with the default User role, or w...