9.9
CRITICAL
CVE-2024-42327
Zabbix SQL Injection Vulnerability
Description

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.

INFO

Published Date :

Nov. 27, 2024, 12:15 p.m.

Last Modified :

Nov. 27, 2024, 12:15 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

6.0

Exploitability Score :

3.1
Public PoC/Exploit Available at Github

CVE-2024-42327 has a 28 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-42327 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Zabbix zabbix
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-42327.

URL Resource
https://support.zabbix.com/browse/ZBX-25623

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
Lern0n/Lernon-POC

备份的漏洞库,3月开始我们来维护

Updated: 3 weeks, 2 days ago
2 stars 0 fork 0 watcher
Born at : June 30, 2025, 9:14 a.m. This repo has been linked 216 different CVEs too.
Profile Photo
oLy0/Vulnerability

None

Updated: 1 month, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : June 15, 2025, 2:32 a.m. This repo has been linked 216 different CVEs too.
Profile Photo
oLy0/Vulnerability

None

Updated: 2 months ago
0 stars 0 fork 0 watcher
Born at : May 30, 2025, 2:59 a.m. This repo has been linked 213 different CVEs too.
Profile Photo
12442RF/POC

None

HTML

Updated: 2 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : May 6, 2025, 2:20 a.m. This repo has been linked 201 different CVEs too.
Profile Photo
874anthony/CVE-2024-42327_Zabbix_SQLi

This is for educational porpuses only. Please do not use agains unathorized systems.

Python

Updated: 3 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : April 18, 2025, 5:24 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
laoa1573/wy876

wy876

Python

Updated: 1 month ago
8 stars 2 fork 2 watcher
Born at : April 11, 2025, 4:25 a.m. This repo has been linked 209 different CVEs too.
Profile Photo
adysec/POC

wy876 POC | wy876的poc仓库已删库,该项目为其仓库镜像

Updated: 2 weeks ago
349 stars 196 fork 196 watcher
Born at : March 7, 2025, 10:17 a.m. This repo has been linked 201 different CVEs too.
Profile Photo
eeeeeeeeee-code/POC

备份的漏洞库,3月开始我们来维护

Updated: 1 week, 6 days ago
1382 stars 392 fork 392 watcher
Born at : March 4, 2025, 2:54 p.m. This repo has been linked 216 different CVEs too.
Profile Photo
iemotion/POC

2023HW漏洞整理,收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了300多个poc/exp,长期更新。

Updated: 3 months, 1 week ago
1 stars 1 fork 1 watcher
Born at : March 3, 2025, 6:09 a.m. This repo has been linked 177 different CVEs too.
Profile Photo
DMW11525708/wiki

漏洞文库 wiki.wy876.cn

HTML

Updated: 2 weeks, 2 days ago
77 stars 56 fork 56 watcher
Born at : Feb. 26, 2025, 9:46 a.m. This repo has been linked 201 different CVEs too.
Profile Photo
ileisd/CiberSeg-Estudi

Recull d'apunts, cheatsheet, scripts i writeups com a formació per les diferents certificacions planejades.

Shell Python

Updated: 4 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 16, 2025, 12:14 p.m. This repo has been linked 4 different CVEs too.
Profile Photo
godylockz/CVE-2024-42327

POC for CVE-2024-42327: Zabbix Privilege Escalation -> RCE

Python

Updated: 1 month, 2 weeks ago
8 stars 2 fork 2 watcher
Born at : Feb. 16, 2025, 7:33 a.m. This repo has been linked 1 different CVEs too.
Profile Photo
plzheheplztrying/cve_monitor

None

HTML Python Shell

Updated: 1 month ago
0 stars 0 fork 0 watcher
Born at : Feb. 13, 2025, 8:50 a.m. This repo has been linked 891 different CVEs too.
Profile Photo
BridgerAlderson/Zabbix-CVE-2024-42327-SQL-Injection-RCE

Zabbix CVE-2024-42327 PoC

Python

Updated: 1 month, 1 week ago
41 stars 4 fork 4 watcher
Born at : Jan. 1, 2025, 6:25 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
wi1kwegam4a/backPOCup

一个备份全网最新POC并整合的项目🤔

Updated: 7 months, 1 week ago
1 stars 0 fork 0 watcher
Born at : Dec. 25, 2024, 6:07 a.m. This repo has been linked 7 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-42327 vulnerability anywhere in the article.

  • Daily CyberSecurity
Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection

Zabbix, a cornerstone in IT infrastructure monitoring fixed five newly disclosed security vulnerabilities ranging from low-severity information leaks to high-impact SQL injection and denial-of-service ... Read more

Published Date: Apr 03, 2025 (4 months ago)
CVE-2024-45700 CVE-2024-45699 CVE-2024-42325 CVE-2024-36469 CVE-2024-36465 CVE-2024-42330 CVE-2024-42327 CVE-2024-36461 CVE-2024-22116
  • Cybersecurity News
CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control

Security researcher Abdelrhman Zayed, in collaboration with Mohamed Abdelhady, has published proof-of-concept (PoC) exploit code for CVE-2024-45387, a critical SQL injection vulnerability in Apache Tr ... Read more

Published Date: Dec 30, 2024 (7 months ago)
CVE-2024-45387 CVE-2024-23945 CVE-2024-49112 CVE-2024-52335 CVE-2024-42327 CVE-2024-3584 CVE-2024-23832
  • Cybersecurity News
CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices

Northwave Cyber Security has identified a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls.The backdoor was uncovered during a forensic investigation into a compromis ... Read more

Published Date: Dec 25, 2024 (7 months, 1 week ago)
CVE-2022-27595 CVE-2024-10905 CVE-2024-42327 CVE-2024-48861 CVE-2024-48860 CVE-2024-9474 CVE-2024-0012 CVE-2020-12271
  • Cybersecurity News
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337. This vulnerability af ... Read more

Published Date: Dec 23, 2024 (7 months, 1 week ago)
CVE-2024-56337 CVE-2024-54677 CVE-2024-50379 CVE-2024-49112 CVE-2024-52335 CVE-2024-42327 CVE-2024-8811 CVE-2024-47855 CVE-2023-45648 CVE-2023-42795 ...+1 more CVE
  • Cybersecurity News
336,000 Prometheus Servers at Risk: Urgent Security Alert

In a recent investigation, Aqua Nautilus uncovered alarming security vulnerabilities within the Prometheus ecosystem. Their research highlights critical flaws spanning information disclosure, denial-o ... Read more

Published Date: Dec 16, 2024 (7 months, 2 weeks ago)
CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2022-46146 CVE-2020-12271
  • TheCyberThrone
TheCyberThrone Security BiWeekly Review – December 14, 2024

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the weeks ending Saturday, November 30, 2024.Jenkins fixes multiple ... Read more

Published Date: Dec 15, 2024 (7 months, 3 weeks ago)
CVE-2024-54677 CVE-2024-50379 CVE-2024-49112 CVE-2024-53677 CVE-2024-52338 CVE-2024-54004 CVE-2024-54003 CVE-2024-42327 CVE-2024-47855 CVE-2024-38193 ...+1 more CVE
  • Cybersecurity News
Abusing Microsoft’s UI Automation Framework: The New Evasion Technique Bypassing EDR

Akamai security researcher Tomer Peled has unveiled a novel attack technique exploiting Microsoft’s legacy UI Automation framework, a tool originally designed to enhance computer accessibility. The fi ... Read more

Published Date: Dec 14, 2024 (7 months, 3 weeks ago)
CVE-2024-37143 CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2020-12271
  • Cybersecurity News
Modular Java Backdoor Emerges in Cleo Exploitation Campaign (CVE-2024-50623)

Rapid7 Labs and its Managed Detection and Response (MDR) team uncovered a sophisticated modular Java-based Remote Access Trojan (RAT) deployed in a multi-stage attack targeting Cleo file transfer soft ... Read more

Published Date: Dec 13, 2024 (7 months, 3 weeks ago)
CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2024-50623 CVE-2020-12271
  • Cybersecurity News
$5 Million Reward Offered After Indictment of North Korean Cyber Operatives

A federal court in St. Louis, Missouri, has indicted 14 nationals of the Democratic People’s Republic of Korea (DPRK) for a series of long-running conspiracies involving sanctions violations, wire fra ... Read more

Published Date: Dec 13, 2024 (7 months, 3 weeks ago)
CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2020-12271
  • Cybersecurity News
CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach

The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co. Ltd., for his alleged role in ... Read more

Published Date: Dec 12, 2024 (7 months, 3 weeks ago)
CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2020-12271
  • Cybersecurity News
Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities

Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and critical vulnerabilities affecting its Connect Secure and Policy Secure solutions. These ... Read more

Published Date: Dec 11, 2024 (7 months, 3 weeks ago)
CVE-2024-37401 CVE-2024-37377 CVE-2024-9844 CVE-2024-11634 CVE-2024-11633 CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 ...+2 more CVE
  • Cybersecurity News
CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software

Siemens Healthineers has released a critical security update to address an unauthenticated SQL injection vulnerability in its syngo.plaza VB30E medical imaging software. The vulnerability, identified ... Read more

Published Date: Dec 11, 2024 (7 months, 3 weeks ago)
CVE-2024-52335 CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-44102 CVE-2024-33698 CVE-2020-12271
  • Cybersecurity News
Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382

Google has announced its Chrome browser’s latest stable channel update, addressing several security vulnerabilities, including two classified as “High” severity. The update, rolling out progressively ... Read more

Published Date: Dec 11, 2024 (7 months, 3 weeks ago)
CVE-2024-12382 CVE-2024-12381 CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5082 CVE-2024-5083 CVE-2020-12271
  • Cybersecurity News
Beware of Celestial Stealer: New MaaS Targets Browsers and Crypto Wallets

A new report from Trellix Advanced Research Center has exposed the inner workings of Celestial Stealer, a sophisticated Malware-as-a-Service (MaaS) platform targeting developers, gamers, and cryptocur ... Read more

Published Date: Dec 05, 2024 (8 months ago)
CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2024-5671 CVE-2020-12271
  • Cybersecurity News
Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)

Google has released a security update for its Chrome web browser to mitigate a high-severity “type confusion” vulnerability (CVE-2024-12053) residing within the V8 JavaScript engine. This vulnerabilit ... Read more

Published Date: Dec 04, 2024 (8 months ago)
CVE-2024-12053 CVE-2024-10905 CVE-2024-42327 CVE-2024-52067 CVE-2020-12271
  • TheCyberThrone
Apache Arrow affected by CVE-2024-52338 Code Execution Flaw

The Apache Arrow R package  has been identified with a critical security vulnerability impacting versions 4.0.0 through 16.1.0, could allow attackers to execute arbitrary code on systems processing ma ... Read more

Published Date: Dec 02, 2024 (8 months ago)
CVE-2024-52338 CVE-2024-42327 CVE-2024-49019 CVE-2024-38054
  • security.nl
Zabbix-servers via kritiek SQL injection-lek op afstand over te nemen

Een kritiek beveiligingslek in open source monitoringtool Zabbix maakt het mogelijk om kwetsbare servers door middel van SQL injection op afstand over te nemen. De ontwikkelaar heeft vorige week bevei ... Read more

Published Date: Dec 02, 2024 (8 months ago)
CVE-2024-42327
  • The Hacker News
THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)

Cyber Threats / Weekly Recap Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's tryi ... Read more

Published Date: Dec 02, 2024 (8 months ago)
CVE-2024-49806 CVE-2024-49805 CVE-2024-49803 CVE-2024-50357 CVE-2024-52338 CVE-2024-52490 CVE-2024-8672 CVE-2024-11103 CVE-2024-42327 CVE-2024-53676 ...+7 more CVE
  • TheCyberThrone
The CyberThrone Most Exploited Vulnerabilities Top 10 – November 2024

Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of November 2024CVE-2024-9463: Palo Alto OS Command InjectionCVSS 3.1 Score : 9.9 CISA KEV: YesThis vuln ... Read more

Published Date: Dec 01, 2024 (8 months ago)
CVE-2024-42327 CVE-2024-11667 CVE-2024-44309 CVE-2024-44308 CVE-2024-9474 CVE-2024-0012 CVE-2024-49019 CVE-2024-10914 CVE-2024-9465 CVE-2024-9463 ...+4 more CVE
  • TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2024

Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending November, 2024Subscribers favorite #1Apache Airf ... Read more

Published Date: Dec 01, 2024 (8 months ago)
CVE-2024-42327 CVE-2024-11667 CVE-2024-0138 CVE-2024-45784 CVE-2024-9693 CVE-2024-49019 CVE-2024-51568 CVE-2024-51567 CVE-2024-51378 CVE-2024-38054
  • TheCyberThrone
INC Ransom claimed responsibility on Alder Hey Children’s Trust attack

On November 28, the ransomware group INC Ransom claimed to have compromised sensitive data from Alder Hey Children’s NHS Foundation Trust in Liverpool, UK. They posted on their data leak site that the ... Read more

Published Date: Nov 30, 2024 (8 months ago)
CVE-2024-42327 CVE-2024-11667 CVE-2024-11680 CVE-2024-49019 CVE-2023-4966
  • TheCyberThrone
Zabbix tool affected by CVE-2024-42327

Zabbix, an open-source application monitoring tool, is warning its customers of a new critical vulnerability that could lead to full system compromise.The vulnerability tracked as CVE-2024-42327 with ... Read more

Published Date: Nov 30, 2024 (8 months ago)
CVE-2024-42327 CVE-2024-11667 CVE-2024-11680 CVE-2024-49019
  • The Register
Zabbix urges upgrades after critical SQL injection bug disclosure

Open-source enterprise network and application monitoring provider Zabbix is warning customers of a new critical vulnerability that could lead to full system compromise. Tracked as CVE-2024-42327, the ... Read more

Published Date: Nov 29, 2024 (8 months ago)
CVE-2024-42327
  • Cybersecurity News
CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix

Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain a critical SQL injection vulnerability (CVE-2024-42327) with a CVSS score of ... Read more

Published Date: Nov 28, 2024 (8 months, 1 week ago)
CVE-2024-42327 CVE-2024-9479 CVE-2024-9478 CVE-2024-8069 CVE-2024-8068 CVE-2024-50330 CVE-2024-46538 CVE-2024-36461 CVE-2024-22116 CVE-2024-22120 ...+1 more CVE

The following table lists the changes that have been made to the CVE-2024-42327 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by [email protected]

    Nov. 27, 2024

    Action Type Old Value New Value
    Added Description A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
    Added CWE CWE-89
    Added Reference https://support.zabbix.com/browse/ZBX-25623
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-42327 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-42327 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: