Path Traversal in Rainbowfish Software Pacsone Server
CVE-2018-25124
PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.008 (52.8th percentile) — read the EPSS interpretation.
Affected products
- Rainbowfish Software Pacsone Server — versions 6.6.2
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)