CVE-2025-27238 | Zabbix up to 7.0.13/7.2.7 API hostprototype.get information disclosure

Inserito da Angelo Barbosa | Set 12, 2025 | CVE

A vulnerability was found in Zabbix up to 7.0.13/7.2.7 and classified as problematic. Impacted is the function hostprototype.get of the component API. Such manipulation leads to information disclosure.

This vulnerability is listed as CVE-2025-27238. The attack must be carried out from within the local network. There is no available exploit.

CVE-2025-27238 | Zabbix up to 7.0.13/7.2.7 API hostprototype.get information disclosure

Post correlati

CVE-2024-45338 | x-net-html up to 0.32.x on Go Parse amplification

CVE-2024-9793 | Tenda AC1206 up to 15.03.06.23 /goform/ate ate_iwpriv_set/ate_ifconfig_set command injection

CVE-2024-55969 | Syncfusion Essential Studio for ASP.NET MVC up to 27.1.54 docx Document xml external entity reference

CVE-2025-2413 | Akinsoft ProKuafor up to 1.02.07 excessive authentication