{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2013-12-19T04:24:57Z",
  "id": "CVE-2013-6824",
  "details": "Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://security.gentoo.org/glsa/glsa-201401-26.xml"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.zabbix.com/rn1.8.19rc1.php"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.zabbix.com/rn2.0.10rc1.php"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.zabbix.com/rn2.2.1rc1.php"
    },
    {
      "type": "EVIDENCE",
      "url": "https://support.zabbix.com/browse/ZBX-7479"
    },
    {
      "type": "FIX",
      "url": "http://www.zabbix.com/rn1.8.19rc1.php"
    },
    {
      "type": "FIX",
      "url": "http://www.zabbix.com/rn2.0.10rc1.php"
    },
    {
      "type": "FIX",
      "url": "http://www.zabbix.com/rn2.2.1rc1.php"
    },
    {
      "type": "FIX",
      "url": "https://support.zabbix.com/browse/ZBX-7479"
    }
  ]
}