VYPR
Medium severity5.8NVD Advisory· Published Jul 28, 2025· Updated Jun 17, 2026

CVE-2025-24485

CVE-2025-24485

Description

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MedDream/PACS Premiumllm-fuzzy2 versions
    = 7.3.5.860+ 1 more
    • (no CPE)range: = 7.3.5.860
    • (no CPE)range: 7.3.5.860

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.