High severityNVD Advisory· Published Nov 10, 2025· Updated Apr 15, 2026
CVE-2018-25124
CVE-2018-25124
Description
PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path' parameter. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=6.6.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.