Home

Description

Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet sharing is enabled.

PUBLISHED Reserved 2025-01-10 | Published 2025-06-23 | Updated 2025-10-23 | Assigner mitre




HIGH: 8.4CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unknown

Any version
affected

References

www.materialise.com/en/healthcare/orthoview

www.materialise.com/...care/orthoview/security-vulnerability

outurnate.com/...ass-in-materialise-orthoview-cve-2025-23049

cve.org (CVE-2025-23049)

nvd.nist.gov (CVE-2025-23049)

Download JSON