CVE-2025-2264

High CVSS: 7.5

A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.

Vendor

Santesoft

Product

Sante Pacs Server

CWE

CWE-22

Yayın Tarihi

2025-03-13 17:15:38

Güncelleme

2025-04-03 18:19:34

Source Identifier

vulnreport@tenable.com

KEV Date Added

Kategoriler

CWE-22 Sante Pacs Server HIGH Santesoft 2025

Referanslar

https://www.tenable.com/security/research/tra-2025-08 https://www.tenable.com/security/research/tra-2025-08

Benzer Kayıtlar

High

CVE-2026-2034

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows r…

High

CVE-2025-53948

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a deni…

Critical

CVE-2025-54156

The Sante PACS Server Web Portal sends credential information without encryption.

Medium

CVE-2025-54759

Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirectin…

Medium

CVE-2025-54862

Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes…

High

CVE-2025-5481

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allo…