CVE-2025-49643

🗓️ 01 Dec 2025 13:05:33Reported by ZabbixType

Authenticated Zabbix user can cause frontend denial of service via /imgstore.php with parameters.

Reporter	Title	Published	Views	Family All 21
AlpineLinux	CVE-2025-49643	1 Dec 202513:05	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в zabbix	20 May 202605:53	–	astralinux
Circl	CVE-2025-49643	1 Dec 202513:15	–	circl
CNNVD	Zabbix 安全漏洞	1 Dec 202500:00	–	cnnvd
Cvelist	CVE-2025-49643 Frontend DoS vulnerability due to asymmetric resource consumption	1 Dec 202513:05	–	cvelist
Debian CVE	CVE-2025-49643	1 Dec 202513:05	–	debiancve
EUVD	EUVD-2025-199985	1 Dec 202515:30	–	euvd
NVD	CVE-2025-49643	1 Dec 202514:16	–	nvd
OSV	DEBIAN-CVE-2025-49643	1 Dec 202514:16	–	osv
OSV	UBUNTU-CVE-2025-49643	1 Dec 202514:16	–	osv

NVD

Node

zabbix frontendRange6.0.0–6.0.42

zabbix frontendRange7.0.0–7.0.19

zabbix frontendRange7.2.0–7.2.13

zabbix frontendRange7.4.0–7.4.3

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "Frontend"
    ],
    "product": "Zabbix",
    "repo": "https://git.zabbix.com/",
    "vendor": "Zabbix",
    "versions": [
      {
        "changes": [
          {
            "at": "6.0.42",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.0.41",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "7.0.19",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.0.18",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "7.2.13",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.2.12",
        "status": "affected",
        "version": "7.2.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "7.4.3",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.4.2",
        "status": "affected",
        "version": "7.4.0",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
support	www.support.zabbix.com/browse/ZBX-27284

06 Feb 2026 15:28Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.5

CVSS 46

EPSS0.00102

SSVC

CWE-405