CNNVD-202507-3513 Information

CNNVD ID

CNNVD-202507-3513

Related CVE

CVE-2025-24485

• CNNVD Published: 2025-07-28

Description (Chinese)

MedDream PACS Premium是MedDream公司的一款企业级图像存储与管理服务器套件。 MedDream PACS Premium 7.3.5.860版本存在代码问题漏洞，该漏洞源于文件cecho.php功能存在服务端请求伪造。

Description (English)

MedDream PACS Premium is an enterprise-level image storage and management server suite for MedDream. MedDream PACS Premium version 7.3.5.860 has a code gap, which stems from the existence of a service-end request for forgery of the documentcecho.php function.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

MedDream

Published

2025-07-28

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2177 https://access.redhat.com/security/cve/cve-2025-24485

Patch

https://meddream.com/products/meddream-dicom-viewer/#downloads