CVE-2017-2824

HIGH

Zabbix Server 2.4.X - Remote Code Execution via Trapper Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2824. PoCs published by listenquiet.

AI-analyzed exploit summary This repository contains a working exploit for CVE-2017-2824, a command injection vulnerability in Zabbix Server's trapper command handling. The exploit demonstrates remote code execution by registering a host and triggering command injection via the IP field, with a reverse shell payload split into multiple commands to bypass length limitations.

Description

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability.

Exploits (1)

nomisec WORKING POC 6 stars

by listenquiet · poc

https://github.com/listenquiet/cve-2017-2824-reverse-shell

View Code ZIP pw:eip

This repository contains a working exploit for CVE-2017-2824, a command injection vulnerability in Zabbix Server's trapper command handling. The exploit demonstrates remote code execution by registering a host and triggering command injection via the IP field, with a reverse shell payload split into multiple commands to bypass length limitations.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Zabbix Server 2.4.x, 3.0.x < 3.0.4

No auth needed

Prerequisites: Zabbix Server with automatic host registration enabled · Presence of default scripts (e.g., ping)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Mitigation, Third Party Advisory, VDB Entry x_refsource_misc

https://talosintelligence.com/vulnerability_reports/TALOS-2017-0325

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/98083

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2017/dsa-3937

Scores

CVSS v3 8.1

EPSS 0.7355

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (11)

zabbix/zabbix 2.4.0 (4 CPE variants)

zabbix/zabbix 2.4.1 (3 CPE variants)

zabbix/zabbix 2.4.2 (2 CPE variants)

zabbix/zabbix 2.4.3 (2 CPE variants)

zabbix/zabbix 2.4.4 (2 CPE variants)

zabbix/zabbix 2.4.5 (2 CPE variants)

zabbix/zabbix 2.4.6 (2 CPE variants)

zabbix/zabbix 2.4.7 (2 CPE variants)

zabbix/zabbix 2.4.8 (2 CPE variants)

zabbix/zabbix 2.4.9 (2 CPE variants)

... and 1 more

Published May 24, 2017

Tracked Since Feb 18, 2026