Home

Description

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path' parameter. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

PUBLISHED Reserved 2025-10-29 | Published 2025-11-10 | Updated 2025-11-21 | Assigner VulnCheck




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unaffected

6.6.2
affected

Timeline

2018-01-28:ExploitDB-43907 is publicly disclosed.
2017-09-28:Vendor notifies researcher of vulnerability remediation.

Credits

Carlos Avila finder

References

www.exploit-db.com/exploits/43907 exploit

www.exploit-db.com/exploits/43907 exploit

pacsone.net/download.htm product

www.vulncheck.com/...icom-web-viewer-directory-traversal-lfi third-party-advisory

cve.org (CVE-2018-25124)

nvd.nist.gov (CVE-2018-25124)

Download JSON