CVE-2020-29166
Description
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PacsOne Server/PacsOne Serverdescription
- Range: <7.1.1
Patches
Vulnerability mechanics
Root cause
"Missing input validation allows file read/manipulation, leading to remote information disclosure."
Attack vector
An attacker can exploit a file read/manipulation vulnerability in PacsOne Server to remotely disclose information [ref_id=1]. The advisory does not detail the specific payload shape or network path, but the weakness class indicates the attacker sends crafted requests that cause the server to read or manipulate files it should not have access to. No authentication requirements or preconditions are specified in the bundle.
Affected code
The advisory does not specify exact file paths or function names. The vulnerability affects PacsOne Server (PACS Server In One Box) versions below 7.1.1 [ref_id=1]. No patch or code diff is provided in the bundle.
What the fix does
The vendor addressed this vulnerability in PacsOne Server version 7.1.1 [ref_id=1]. No patch diff is available in the bundle, so the exact code changes are unknown. Users are advised to upgrade to version 7.1.1 or later to remediate the file read/manipulation issue.
Preconditions
- inputThe advisory does not specify required preconditions such as authentication or specific network access.
Generated on May 31, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070dmitrex_refsource_MISC
- pacsone.net/download.htmmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.