An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
CVE-2025-49643: An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending s…
Authenticated users, including guests, can exploit CVE-2025-49643 to cause high CPU load on Zabbix webservers via crafted requests to /imgstore.php, leading to denial of service.