← voltar
CVE-2025-27724

CVE-2025-27724

CVSS 9.3 CRITICALEPSS 0.5%CWE-284
A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
MedDream · MedDream PACS Premium

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2156