CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2284 – Santesoft Sante PACS Server Access of Uninitialized Pointer DoS
https://notcve.org/view.php?id=CVE-2025-2284
13 Mar 2025 — A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe". • https://www.tenable.com/security/research/tra-2025-08 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2265 – Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation
https://notcve.org/view.php?id=CVE-2025-2265
13 Mar 2025 — The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte • https://www.tenable.com/security/research/tra-2025-08 • CWE-916: Use of Password Hash With Insufficient Computational Effort •
CVSS: 7.8EPSS: 74%CPEs: 1EXPL: 0CVE-2025-2264 – Santesoft Sante PACS Server Path Traversal Information Disclosure
https://notcve.org/view.php?id=CVE-2025-2264
13 Mar 2025 — A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed. • https://www.tenable.com/security/research/tra-2025-08 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2263 – Santesoft Sante PACS Server Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2025-2263
13 Mar 2025 — During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker. • https://www.tenable.com/security/research/tra-2025-08 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2272 – Sante PACS Server SQL Injection Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-2272
07 Jul 2022 — This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to bypass authentication on the system. • https://www.zerodayinitiative.com/advisories/ZDI-22-955 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •