CVE-2025-49643
Frontend DoS vulnerability due to asymmetric resource consumption
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Zabbix · ZabbixWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →