CVE 9.6 CRITICAL

CVE-2025-53912_CVE-2025-53912

January 20, 2026 invoker category_cve

9.6 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Description

An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability.

AI Analysis

Arbitrary file read vulnerability in MedDream PACS Premium via specially crafted HTTP request

Basic Information

ID CVE-2025-53912

Source talos

Published Jan 20, 2026 at 14:49

Modified Jan 20, 2026 at 15:09

Affected Product

Vendor MedDream

Product MedDream PACS Premium

Version 7.3.6.870

Affected Versions MedDream MedDream PACS Premium 7.3.6.870

CWE Classification

CWE-73

AI Assessment

AI Score 9.6 / 10

AI Severity Critical

Vendor MedDream

Product MedDream PACS Premium

Version 7.3.6.870

References

talosintelligence.com /vulnerability_reports/TALOS-2025-2273

{
    "lastseen": "",
    "description": "An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability.",
    "published": "2026-01-20T14:49:33.583Z",
    "modified": "2026-01-20T15:09:24.711Z",
    "type": "cve",
    "title": "CVE-2025-53912",
    "source": "talos",
    "references": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2273",
    "id": "CVE-2025-53912",
    "bulletinFamily": "",
    "cwe": [
        "CWE-73"
    ],
    "cvelist": null,
    "sourceData": "MedDream MedDream PACS Premium 7.3.6.870",
    "sourceHref": "",
    "cvss": {
        "score": 9.6,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MedDream PACS Premium",
    "version": "7.3.6.870",
    "vendor": "MedDream",
    "ai_description": "Arbitrary file read vulnerability in MedDream PACS Premium via specially crafted HTTP request",
    "ai_severity": "Critical",
    "ai_vendor": "MedDream",
    "ai_product": "MedDream PACS Premium",
    "ai_version": "7.3.6.870",
    "ai_score": 9.6
}

💭 Join the Security Discussion ❌ Cancel Reply