Zabbix Server SQL Injection Vulnerability

Zabbix Server SQL Injection Vulnerability (CVE-2024-42327)

dezembro 3, 2024

Overview Recently, NSFOCUS CERT detected that Zabbix released a security announcement and fixed the SQL injection vulnerability (CVE-2024-42327) of Zabbix server. Due to the SQLi vulnerability in the CUser class in the addRelatedObjects function, attackers with default user permission or API access can call the CUser.get function. This could lead to unauthorized access to sensitive […]

Search

Inscreva-se no Blog da NSFOCUS