← voltar
CVE-2022-2120

OFFIS DCMTK Path Traversal

CVSS 7.5 HIGHEPSS 2.8%CWE-23
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
OFFIS · DCMTK

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.debian.org/debian-lts-announce/2025/06/msg00025.htmlhttps://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01