Description
Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and access sensitive files including system configuration and password files.
Published: 2026-05-25
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal flaw in the nocache.php script that allows an attacker to manipulate the path parameter and read files outside the intended directory, including system configuration and password files. The vulnerability is exploitable without authentication and is classified as CWE-22, enabling an attacker to compromise confidentiality of sensitive data by retrieving arbitrary files from the host.

Affected Systems

The vulnerability affects Softneta MedDream PACS Server Premium version 6.7.1.1. No other product or version information is listed as impacted, indicating that this specific build is the only known affected edition.

Risk and Exploitability

With a CVSS score of 8.7, this flaw is considered high severity. The EPSS score is not available, and it is not listed in the CISA KEV catalog. Because the attack requires only a crafted HTTP request to nocache.php and no authentication, the likelihood of exploitation is significant in environments where the software is exposed to untrusted networks. Successful exploitation would give an attacker read access to sensitive configuration and user credential files, potentially facilitating further attacks on the system.

Generated by OpenCVE AI on May 25, 2026 at 15:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Softneta MedDream PACS Server Premium to a version that removes the vulnerable nocache.php functionality or applies the vendor’s patch for this issue.
  • Reconfigure the web server to deny direct access to nocache.php for unauthenticated users, or place it behind an authentication gateway.
  • Deploy a web application firewall rule to filter out requests containing directory traversal patterns such as "../" or encoded backslashes before they reach the application.



Advisories

No advisories yet.

History

Mon, 25 May 2026 14:30:00 +0000

Type | Values Removed | Values Added
Description | | Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and access sensitive files including system configuration and password files.
Title | | Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal
First Time appeared | | Softneta; Softneta meddream Pacs
Weaknesses | | CWE-22
CPEs | | cpe:2.3:a:softneta:meddream_pacs:6.7.1.1:*:*:*:*:*:*:*
Vendors & Products | | Softneta; Softneta meddream Pacs
References | |
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}; cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-25T14:15:18.585Z

Reserved: 2026-05-25T13:49:54.894Z

Link: CVE-2018-25374

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-25T16:30:15Z

Weaknesses