{"id":"CVE-2017-2824","details":"An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability.","modified":"2026-03-12T22:37:33.634450Z","published":"2017-05-24T14:29:00.707Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3937"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98083"},{"type":"EVIDENCE","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0325"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.0-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.0-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.1-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.1-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.2-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.3-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.4"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.4-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.5"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.5-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.6"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.6-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.7"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.7-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.8"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.8-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.9"}]},{"events":[{"introduced":"0"},{"last_affected":"2.4.9-rc1"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-2824.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}