CVE-2025-27724

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability.

CVSS v3 9.3 CRITICAL

9.3^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156	Exploit Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2156

Configurations

Configuration 1 (hide)

cpe:2.3:a:meddream:pacs_server:7.3.2.840:*:*:*:premium:*:*:*

History

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2156 -
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156 - Exploit, Third Party Advisory
CPE		cpe:2.3:a:meddream:pacs_server:7.3.2.840::::premium:::
CWE		NVD-CWE-noinfo
First Time		Meddream pacs Server Meddream

29 Jul 2025, 14:14

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de escalada de privilegios en la función login.php de MedDream PACS Premium 7.3.3.840. Un archivo .php especialmente manipulado puede generar privilegios elevados. Un atacante puede subir un archivo malicioso para activar esta vulnerabilidad.

28 Jul 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-28 14:15

Updated : 2025-11-03 20:18

NVD link : CVE-2025-27724

Mitre link : CVE-2025-27724

CVE.ORG link : CVE-2025-27724

JSON object : View

Products Affected

meddream

pacs_server

CWE

CWE-284

Improper Access Control

NVD-CWE-noinfo

{"id": "CVE-2025-27724", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-07-28T14:15:26.467", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2156", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de escalada de privilegios en la funci\u00f3n login.php de MedDream PACS Premium 7.3.3.840. Un archivo .php especialmente manipulado puede generar privilegios elevados. Un atacante puede subir un archivo malicioso para activar esta vulnerabilidad."}], "lastModified": "2025-11-03T20:18:06.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:meddream:pacs_server:7.3.2.840:*:*:*:premium:*:*:*", "vulnerable": true, "matchCriteriaId": "2FEB620B-C8F8-418B-B5AC-6CCDE305AA68"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}