← volver
CVE-2022-2120

OFFIS DCMTK Path Traversal

CVSS 7.5 HIGHEPSS 2.8%CWE-23
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
OFFIS · DCMTK

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.debian.org/debian-lts-announce/2025/06/msg00025.htmlhttps://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01