Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.6 views

CVE-2023-33466

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution RCE...

8.8CVSS7.3AI score0.0415EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/09 12:0 a.m.21 views

Debian DSA-5473-1 : orthanc - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5473 advisory. It was discovered that authenticated API users of Orthanc, a DICOM server for medical imaging, could overwrite arbitrary files and in some setups execute arbitrary...

8.8CVSS8.2AI score0.0415EPSS
Exploits0References7
Debian
Debian
added 2023/08/08 9:14 p.m.23 views

[SECURITY] [DSA 5473-1] orthanc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5473-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 08, 2023 https://www.debian.org/security/faq -...

8.8CVSS6.7AI score0.0415EPSS
Exploits0
Circl
Circl
added 2023/06/29 6:14 p.m.4 views

CVE-2023-33466

creationtimestamp| type| source ---|---|--- 2023-06-29 18:14:26+00:00| seen| https://t.me/cibsecurity/65721 2023-10-25 07:00:06+00:00| published-proof-of-concept| https://t.me/TopCyberTechNews/381 2023-11-29 22:26:03+00:00| published-proof-of-concept| https://t.me/cKure/12040 2023-12-02...

8.8CVSS7.2AI score0.0415EPSS
Exploits0References5
OSV
OSV
added 2023/06/29 3:15 p.m.4 views

CVE-2023-33466

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution RCE...

8.8CVSS8.8AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/29 12:0 a.m.12 views

CVE-2023-33466

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution RCE...

7.2AI score0.0415EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/29 12:0 a.m.31 views

CVE-2023-33466

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution RCE...

9AI score0.0415EPSS
Exploits0References3
CVE
CVE
added 2023/06/29 12:0 a.m.69 views

CVE-2023-33466

Orthanc ≤ 1.12.0 allows authenticated API users to overwrite arbitrary files and, in certain configurations, trigger RCE. Debian advisories backported RestApiWriteToFileSystemEnabled in the configuration (default enabled in some releases) and provide patched versions: bullseye 1.9.2+…deb11u1, boo...

8.8CVSS8.6AI score0.0415EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder