CVE-2018-25124

HIGH EXPLOITED

PacsOne Server <6.6.2 - Path Traversal

Title source: llm

Description

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path' parameter. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

Exploits (1)

exploitdb WORKING POC

by Carlos Avila · textwebappsphp

https://www.exploit-db.com/exploits/43907

View Code ZIP pw:eip

References (3)

[Various Sources] https://pacsone.net/download.htm

[Third Party Advisory] https://www.vulncheck.com/advisories/pacsone-server-dicom-web-viewer-directory-traversal-lfi

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/43907

Scores

CVSS v4 8.7

EPSS 0.0116

EPSS Percentile 78.7%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Details

VulnCheck KEV 2025-11-10

CWE

CWE-22

Status published

Products (1)

RainbowFish Software/PacsOne Server 6.6.2

Published Nov 10, 2025

Tracked Since Feb 18, 2026