vulnerability

Debian: CVE-2024-22116: zabbix -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Aug 12, 2024	Oct 7, 2024	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Aug 12, 2024

Added

Oct 7, 2024

Modified

Mar 30, 2026

Description

An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure.

Solution

debian-upgrade-zabbix

References

CVE-2024-22116
https://attackerkb.com/topics/CVE-2024-22116
CWE-94
DEBIAN-DLA-3909-1
EUVD-EUVD-2024-19712
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-19712

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report