View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2023-32727 not yet assigned priority: Debian including 1 source packages (zabbix), 4 status rows across 4 suites (bookworm, bullseye, sid, trixie): resolved 3, open 1.
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.