9.9
CRITICAL CVSS 3.1
CVE-2024-42327
Zabbix SQL Injection Vulnerability
Description

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.

INFO

Published Date :

Nov. 27, 2024, 12:15 p.m.

Last Modified :

Nov. 27, 2024, 12:15 p.m.

Remotely Exploit :

Yes !
Affected Products

The following products are affected by CVE-2024-42327 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Zabbix zabbix
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 CRITICAL [email protected]
Solution
This information is provided by the 3rd party feeds.
  • There is no known solution at this time.
Public PoC/Exploit Available at Github

CVE-2024-42327 has a 28 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-42327.

URL Resource
https://support.zabbix.com/browse/ZBX-25623
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-42327 is associated with the following CWEs:

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

备份的漏洞库,3月开始我们来维护

Updated: 1 month, 1 week ago
2 stars 0 fork 0 watcher
Born at : June 30, 2025, 9:14 a.m. This repo has been linked 216 different CVEs too.

None

Updated: 2 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : June 15, 2025, 2:32 a.m. This repo has been linked 216 different CVEs too.

None

Updated: 2 months, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : May 30, 2025, 2:59 a.m. This repo has been linked 213 different CVEs too.

None

HTML

Updated: 3 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : May 6, 2025, 2:20 a.m. This repo has been linked 201 different CVEs too.

This is for educational porpuses only. Please do not use agains unathorized systems.

Python

Updated: 4 months ago
0 stars 0 fork 0 watcher
Born at : April 18, 2025, 5:24 p.m. This repo has been linked 1 different CVEs too.

wy876

Python

Updated: 1 month, 3 weeks ago
8 stars 2 fork 2 watcher
Born at : April 11, 2025, 4:25 a.m. This repo has been linked 209 different CVEs too.

wy876 POC | wy876的poc仓库已删库,该项目为其仓库镜像

Updated: 1 month ago
349 stars 196 fork 196 watcher
Born at : March 7, 2025, 10:17 a.m. This repo has been linked 201 different CVEs too.

备份的漏洞库,3月开始我们来维护

Updated: 1 month ago
1382 stars 392 fork 392 watcher
Born at : March 4, 2025, 2:54 p.m. This repo has been linked 216 different CVEs too.

2023HW漏洞整理,收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了300多个poc/exp,长期更新。

Updated: 3 months, 4 weeks ago
1 stars 1 fork 1 watcher
Born at : March 3, 2025, 6:09 a.m. This repo has been linked 177 different CVEs too.

漏洞文库 wiki.wy876.cn

HTML

Updated: 1 month ago
77 stars 56 fork 56 watcher
Born at : Feb. 26, 2025, 9:46 a.m. This repo has been linked 201 different CVEs too.

Recull d'apunts, cheatsheet, scripts i writeups com a formació per les diferents certificacions planejades.

Shell Python

Updated: 5 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : Feb. 16, 2025, 12:14 p.m. This repo has been linked 4 different CVEs too.

POC for CVE-2024-42327: Zabbix Privilege Escalation -> RCE

Python

Updated: 2 months ago
8 stars 2 fork 2 watcher
Born at : Feb. 16, 2025, 7:33 a.m. This repo has been linked 1 different CVEs too.

None

HTML Python Shell

Updated: 1 month, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 13, 2025, 8:50 a.m. This repo has been linked 891 different CVEs too.

Zabbix CVE-2024-42327 PoC

Python

Updated: 1 month, 4 weeks ago
41 stars 4 fork 4 watcher
Born at : Jan. 1, 2025, 6:25 p.m. This repo has been linked 1 different CVEs too.

一个备份全网最新POC并整合的项目🤔

Updated: 8 months ago
1 stars 0 fork 0 watcher
Born at : Dec. 25, 2024, 6:07 a.m. This repo has been linked 7 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-42327 vulnerability anywhere in the article.

  • Daily CyberSecurity
Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection

Zabbix, a cornerstone in IT infrastructure monitoring fixed five newly disclosed security vulnerabilities ranging from low-severity information leaks to high-impact SQL injection and denial-of-service ... Read more

Published Date: Apr 03, 2025 (4 months, 3 weeks ago)
  • Cybersecurity News
CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control

Security researcher Abdelrhman Zayed, in collaboration with Mohamed Abdelhady, has published proof-of-concept (PoC) exploit code for CVE-2024-45387, a critical SQL injection vulnerability in Apache Tr ... Read more

Published Date: Dec 30, 2024 (7 months, 3 weeks ago)
  • Cybersecurity News
CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices

Northwave Cyber Security has identified a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls.The backdoor was uncovered during a forensic investigation into a compromis ... Read more

Published Date: Dec 25, 2024 (8 months ago)
  • Cybersecurity News
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337. This vulnerability af ... Read more

Published Date: Dec 23, 2024 (8 months ago)
  • Cybersecurity News
336,000 Prometheus Servers at Risk: Urgent Security Alert

In a recent investigation, Aqua Nautilus uncovered alarming security vulnerabilities within the Prometheus ecosystem. Their research highlights critical flaws spanning information disclosure, denial-o ... Read more

Published Date: Dec 16, 2024 (8 months, 1 week ago)
  • TheCyberThrone
TheCyberThrone Security BiWeekly Review – December 14, 2024

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the weeks ending Saturday, November 30, 2024.Jenkins fixes multiple ... Read more

Published Date: Dec 15, 2024 (8 months, 1 week ago)
  • Cybersecurity News
Abusing Microsoft’s UI Automation Framework: The New Evasion Technique Bypassing EDR

Akamai security researcher Tomer Peled has unveiled a novel attack technique exploiting Microsoft’s legacy UI Automation framework, a tool originally designed to enhance computer accessibility. The fi ... Read more

Published Date: Dec 14, 2024 (8 months, 1 week ago)
  • Cybersecurity News
Modular Java Backdoor Emerges in Cleo Exploitation Campaign (CVE-2024-50623)

Rapid7 Labs and its Managed Detection and Response (MDR) team uncovered a sophisticated modular Java-based Remote Access Trojan (RAT) deployed in a multi-stage attack targeting Cleo file transfer soft ... Read more

Published Date: Dec 13, 2024 (8 months, 1 week ago)
  • Cybersecurity News
$5 Million Reward Offered After Indictment of North Korean Cyber Operatives

A federal court in St. Louis, Missouri, has indicted 14 nationals of the Democratic People’s Republic of Korea (DPRK) for a series of long-running conspiracies involving sanctions violations, wire fra ... Read more

Published Date: Dec 13, 2024 (8 months, 1 week ago)
  • Cybersecurity News
CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach

The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co. Ltd., for his alleged role in ... Read more

Published Date: Dec 12, 2024 (8 months, 1 week ago)
  • Cybersecurity News
Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities

Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and critical vulnerabilities affecting its Connect Secure and Policy Secure solutions. These ... Read more

Published Date: Dec 11, 2024 (8 months, 2 weeks ago)
  • Cybersecurity News
CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software

Siemens Healthineers has released a critical security update to address an unauthenticated SQL injection vulnerability in its syngo.plaza VB30E medical imaging software. The vulnerability, identified ... Read more

Published Date: Dec 11, 2024 (8 months, 2 weeks ago)
  • Cybersecurity News
Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382

Google has announced its Chrome browser’s latest stable channel update, addressing several security vulnerabilities, including two classified as “High” severity. The update, rolling out progressively ... Read more

Published Date: Dec 11, 2024 (8 months, 2 weeks ago)
  • Cybersecurity News
Beware of Celestial Stealer: New MaaS Targets Browsers and Crypto Wallets

A new report from Trellix Advanced Research Center has exposed the inner workings of Celestial Stealer, a sophisticated Malware-as-a-Service (MaaS) platform targeting developers, gamers, and cryptocur ... Read more

Published Date: Dec 05, 2024 (8 months, 2 weeks ago)
  • Cybersecurity News
Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)

Google has released a security update for its Chrome web browser to mitigate a high-severity “type confusion” vulnerability (CVE-2024-12053) residing within the V8 JavaScript engine. This vulnerabilit ... Read more

Published Date: Dec 04, 2024 (8 months, 3 weeks ago)
  • TheCyberThrone
Apache Arrow affected by CVE-2024-52338 Code Execution Flaw

The Apache Arrow R package  has been identified with a critical security vulnerability impacting versions 4.0.0 through 16.1.0, could allow attackers to execute arbitrary code on systems processing ma ... Read more

Published Date: Dec 02, 2024 (8 months, 3 weeks ago)
  • security.nl
Zabbix-servers via kritiek SQL injection-lek op afstand over te nemen

Een kritiek beveiligingslek in open source monitoringtool Zabbix maakt het mogelijk om kwetsbare servers door middel van SQL injection op afstand over te nemen. De ontwikkelaar heeft vorige week bevei ... Read more

Published Date: Dec 02, 2024 (8 months, 3 weeks ago)
  • The Hacker News
THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)

Cyber Threats / Weekly Recap Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's tryi ... Read more

Published Date: Dec 02, 2024 (8 months, 3 weeks ago)
  • TheCyberThrone
The CyberThrone Most Exploited Vulnerabilities Top 10 – November 2024

Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of November 2024CVE-2024-9463: Palo Alto OS Command InjectionCVSS 3.1 Score : 9.9 CISA KEV: YesThis vuln ... Read more

Published Date: Dec 01, 2024 (8 months, 3 weeks ago)
  • TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2024

Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending November, 2024Subscribers favorite #1Apache Airf ... Read more

Published Date: Dec 01, 2024 (8 months, 3 weeks ago)

The following table lists the changes that have been made to the CVE-2024-42327 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by [email protected]

    Nov. 27, 2024

    Action Type Old Value New Value
    Added Description A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
    Added CWE CWE-89
    Added Reference https://support.zabbix.com/browse/ZBX-25623
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 9.9
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact