CNNVD-202512-103 Information

CNNVD ID

CNNVD-202512-103

Related CVE

CVE-2025-49643

• CNNVD Published: 2025-12-01

Description (Chinese)

Zabbix是Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix存在安全漏洞，该漏洞源于经过身份验证的用户可通过发送特制参数到/imgstore.php导致CPU负载过高，可能导致拒绝服务。

Description (English)

Zabbix is an open-source monitoring system for Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. There is a security loophole in Zabbix, which stems from the fact that certified users can cause overloading of CPUs by sending unique parameters to/imgstore.php, which may lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Zabbix

Published

2025-12-01

Last Modified

2026-02-24

References

https://support.zabbix.com/browse/ZBX-27284 https://access.redhat.com/security/cve/cve-2025-49643 https://vigilance.fr/vulnerability/Zabbix-overload-via-imgstore-php-48913

Patch

https://www.zabbix.com/download