Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/07/30 1:37 p.m.8 views

CVE-2025-24485

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

7.5CVSS6.4AI score0.05348EPSS
Exploits1References1
Circl
Circl
added 2025/07/28 3:37 p.m.18 views

CVE-2025-24485

creationtimestamp| type| source ---|---|--- 2025-07-28 15:37:03+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3luzwc47lt52v 2025-07-28 15:45:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luzws43yrx2b...

7.5CVSS4.8AI score0.05348EPSS
Exploits1References2
OSV
OSV
added 2025/07/28 2:15 p.m.11 views

CVE-2025-24485

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

7.5CVSS5.8AI score0.05348EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/28 1:36 p.m.3 views

CVE-2025-24485

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

5.8CVSS6.5AI score0.05348EPSS
Exploits1References1
CVE
CVE
added 2025/07/28 1:36 p.m.28 views

CVE-2025-24485

MedDream PACS Premium 7.3.5.860 is affected by CVE-2025-24485: a pre-auth SSRF in cecho.php that lets an unauthenticated attacker craft HTTP requests to influence an Association object and potentially map internal hosts via fsockopen, as detailed by Talos (CVE-2025-24485, CVSS ~5.8). Talos provid...

7.5CVSS6.5AI score0.05348EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2025/07/28 12:0 a.m.11 views

MedDream PACS Premium cecho.php SSRF vulnerability

Talos Vulnerability Report TALOS-2025-2177 MedDream PACS Premium cecho.php SSRF vulnerability July 28, 2025 CVE Number CVE-2025-24485 SUMMARY A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can...

7.5CVSS6.7AI score0.05348EPSS
Exploits1
Rows per page
Query Builder