CVE-2024-22123 Information

Description

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux it is possible to set another file e.g. log file and zabbix_server will try to communicate with it as modem. As a result log file will be broken with AT commands and small part for log file content will be leaked to UI.

Reference

https://support.zabbix.com/browse/ZBX-25013