CNNVD-202509-1774 Information
CNNVD ID
CNNVD-202509-1774
Related CVE
- CNNVD Published: 2025-09-12
Description (Chinese)
Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞,该漏洞源于管理员在自动移除主机时可在Visible name字段插入恶意SQL,可能导致SQL注入攻击。
Description (English)
Zabbix is an open-source monitoring system for Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. Zabbix has a security loophole, which stems from the fact that the administrator can insert malicious SQL in the Visible name field when automatically removing the host, which could lead to an attack by SQL.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zabbix
Published
2025-09-12
Last Modified
2026-02-24
References
https://support.zabbix.com/browse/ZBX-26986 https://vigilance.fr/vulnerability/Zabbix-SQL-injection-via-Autoregistered-Host-Deletion-48217 https://access.redhat.com/security/cve/cve-2025-27240
Patch
https://support.zabbix.com/browse/ZBX-26986
Share on: