4 matches found
CVE-2026-56445 pydicom pynetdicom Library Path Traversal
The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...
CVE-2026-56445
The CVE-2026-56445 issue affects the qrscp application’s C-STORE handler. It directly uses an attacker-supplied DICOM dataset instance in os.path.join() without sanitization, enabling writes to arbitrary file paths on the system. This is a path traversal vulnerability in the file-write path, with...
CVE-2026-56445 pydicom pynetdicom Library Path Traversal
The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...
pydicom pynetdicom Library
ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an unauthenticated attacker to write to arbitrary file paths. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...