cvedb.io
CVE-2021-46088
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2022-01-27T16:15:07.777 · Last modified 2026-06-17T04:14:32.170

Summary

Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.

Affected products

zabbix — zabbix

Does this affect you?

Add your gear to cvedb and we'll alert you only when zabbix ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.