CVE-2025-2264

Published Mar 13, 2025

Last updated a year ago

CVSS high 7.5

Overview

Description
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.
Source
vulnreport@tenable.com
NVD status
Analyzed
Products
sante_pacs_server

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

vulnreport@tenable.com
CWE-22
nvd@nist.gov
CWE-22

Social media

Hype score
Not currently trending

  1. ペネトレーションテストツールMetasploitが大規模更新。Erlang/OTP SSHのCVE-2025-32433やSante PACS ServerのCVE-2025-2264に対応する攻撃コード、OPNSenseファイアウォールへの総当りログインスキャナ、SMB-to-HTTPリレー攻撃の追

    @__kokumoto

    12 May 2025

    5182 Impressions

    23 Retweets

    89 Likes

    46 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2025-2264 - high 🚨 Sante PACS Server.exe - Path Traversal Information Disclosure > A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.ex... 👾 https://t.co/Oyh0peMlOK @pdnuclei #NucleiTemplates #cve

    @pdnuclei_bot

    10 Apr 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🔴 Sante PACS Server, Path Traversal Information Disclosure, #CVE-2025-2264 (Critical) https://t.co/wURqB3U7ON

    @dailycve

    3 Apr 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2025-2264 🔴 HIGH (7.5) 🏢 Santesoft - Sante PACS Server 🏗️ 4.1.0 🔗 https://t.co/fZ935whPFV #CyberCron #VulnAlert #InfoSec https://t.co/4JNA7h0PGm

    @cybercronai

    15 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-2264 A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files o… https://t.co/paZ0rxN2Mp

    @CVEnew

    13 Mar 2025

    116 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie.CVE-2025-54759
  2. Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie.CVE-2025-54862
  3. The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required.CVE-2025-53948
  4. The Sante PACS Server Web Portal sends credential information without encryption.CVE-2025-54156
  5. During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker.CVE-2025-2263

References

Sources include official advisories and independent security research.