CVE-2025-49643
EUVD-2025-19998501.12.2025, 14:16
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| zabbix | frontend | 6.0.0 ≤ 𝑥 < 6.0.42 |
| zabbix | frontend | 7.0.0 ≤ 𝑥 < 7.0.19 |
| zabbix | frontend | 7.2.0 ≤ 𝑥 < 7.2.13 |
| zabbix | frontend | 7.4.0 ≤ 𝑥 < 7.4.3 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration