exploitDog

GHSA-798q-fhcc-4r5j

Опубликовано: 28 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.3

Описание

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability.

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability.

Ссылки

EPSS

Процентиль: 21%

0.00067

Низкий

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2025-26469

CVSS3: 9.3

nvd

6 месяцев назад

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability.

EPSS

Процентиль: 21%

0.00067

Низкий

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-732