CVE-2018-25374

HIGH

Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25374. PoCs published by Carlos Avila.

AI-analyzed exploit summary: The exploit demonstrates a directory traversal vulnerability in Softneta MedDream PACS Server Premium 6.7.1.1 via the 'path' parameter in 'nocache.php'. The PoC includes URLs with encoded traversal sequences to access sensitive files like 'win.ini' and 'hosts'.

Description

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and access sensitive files including system configuration and password files.

Exploits (1)

exploitdb WORKING POC
by Carlos Avila · text · webapps · php
https://www.exploit-db.com/exploits/45347

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Softneta MedDream PACS Server Premium 6.7.1.1
No auth needed
Prerequisites: Network access to the target server
devstral-2 · analyzed May 25, 2026

References (3)

Exploit: ExploitDB-45347
https://www.exploit-db.com/exploits/45347
Third Party Advisory: VulnCheck Advisory: Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal
https://www.vulncheck.com/advisories/softneta-meddream-pacs-server-premium-directory-traversal

Scores

CVSS v3 7.5
EPSS 0.0078
EPSS Percentile 51.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-22
Status published
Products (1)
Softneta/MedDream PACS Server Premium 6.7.1.1
Published May 25, 2026
Tracked Since May 25, 2026