A privilege escalation vulnerability exists in the loginphp functionality of meddream MedDream

链接： https://github.com/advisories/GHSA-55cp-gfwj-549w

CVSS 评分： 9.4

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-27724
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2156
https://github.com/advisories/GHSA-55cp-gfwj-549w

描述：

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability.

安全公告

#Github Advisory

A privilege escalation vulnerability exists in the loginphp functionality of meddream MedDream

http://example.com/2025/07/28/github_3830805617/

作者

lianccc

发布于

2025年7月28日

许可协议

An incorrect default permissions vulnerability exists in the CServerSettingsSetRegistryValues 上一篇

CVE-2025-53770 反序列化漏洞下一篇