The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.

🗓️ 21 Jan 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

URL parsing vulnerability in Sante imaging server due to insufficient data validation may cause service failure.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-0574	20 Jan 202505:00	–	circl
CNNVD	Santesoft Sante PACS Server 缓冲区错误漏洞	30 Jan 202500:00	–	cnnvd
CVE	CVE-2025-0574	30 Jan 202520:17	–	cve
Cvelist	CVE-2025-0574 Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability	30 Jan 202520:17	–	cvelist
EUVD	EUVD-2025-1771	3 Oct 202520:07	–	euvd
NVD	CVE-2025-0574	30 Jan 202521:15	–	nvd
OSV	CVE-2025-0574	30 Jan 202521:15	–	osv
Positive Technologies	PT-2025-1197 · Unknown · Sante Pacs Server	20 Jan 202500:00	–	ptsecurity
Vulnrichment	CVE-2025-0574 Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability	30 Jan 202520:17	–	vulnrichment
Zero Day Initiative	Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability	20 Jan 202500:00	–	zdi

Vulners

Node

santesoft sante_pacs_server_pgRange<4.0.10

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-25318/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-25-055/

22 Jan 2025 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 38.2

CVSS 28.5

EPSS0.00846

sante imaging server url parsing vulnerability data validation flaw service interruption risk medical data management