CVE-2018-25113
published 2025-07-23


Priority: P2 (61) · Severity: high · CVSS 4.0 base score: 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.21% (64.5th percentile)
An unauthenticated path traversal vulnerability exists in Dicoogle PACS Web Server version 2.5.0 and possibly earlier. The vulnerability allows remote attackers to read arbitrary files on the underlying system by sending a crafted request to the /exportFile endpoint using the UID parameter. Successful exploitation can reveal sensitive files accessible by the web server user.

Affected (1 range)

Vendor | Product | Version range | Fixed in
dicoogle_project | pacs_web_server | |

Detection & IOCs (extracted from sources)

URL: /exportFile
  • Monitor HTTP requests to the /exportFile endpoint for path traversal sequences (e.g., ../ or ..\) in the UID parameter, which is the attack vector for this vulnerability.
  • Exploitation is specifically effective against Windows targets; prioritize detection on Windows-hosted Dicoogle PACS Web Server instances.
  • Requests to /exportFile from unauthenticated sources (no session or auth headers) should be treated as highly suspicious and flagged for review.
  • The directory traversal exploit was only confirmed successful against Windows targets, despite the application being Java-based; Linux/Unix deployments may not be exploitable via this specific technique.
  • The vulnerability affects Dicoogle PACS Web Server version 2.5.0 and possibly earlier versions; scope detection rules to cover all versions up to and including 2.5.0.
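The first detection bullet implemented over access-log lines, as an added example that is not part of this advisory or of the Dicoogle project: it isolates requests to /exportFile, decodes the UID parameter (including backslash and double-encoded variants) and flags traversal sequences. The log format, IP addresses and UID values are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format); not taken from any real deployment.
SAMPLE_LOG = """\
10.0.0.5 - - [23/Jul/2025:10:01:02 +0000] "GET /dicoogle/search?query=foo HTTP/1.1" 200 512
10.0.0.7 - - [23/Jul/2025:10:01:09 +0000] "GET /exportFile?UID=1.2.840.113619.2.55.3 HTTP/1.1" 200 2048
198.51.100.9 - - [23/Jul/2025:10:02:15 +0000] "GET /exportFile?UID=..%5C..%5C..%5Cwindows%5Cwin.ini HTTP/1.1" 200 403
198.51.100.9 - - [23/Jul/2025:10:02:31 +0000] "GET /exportFile?UID=%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 404 120
"""

# Client IP, timestamp, request target and status code from a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." path component bounded by separators or string ends, after normalization.
TRAVERSAL_RE = re.compile(r'(?:^|/)\.\.(?:/|$)')


def normalize(value, rounds=3):
    """Percent-decode until stable (so %2e%2e/ and %252e%252e/ both become ../),
    then fold Windows backslashes into forward slashes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace('\\', '/')


def flag_export_file_traversal(log_text):
    """Return (ip, status, decoded_uid) for /exportFile requests whose UID carries a traversal sequence.
    A 200 status on a flagged request suggests the server actually returned a file."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group('target'))
        # Endpoint named in the advisory; endswith() tolerates a servlet context prefix.
        if not parts.path.rstrip('/').endswith('/exportFile'):
            continue
        for uid in parse_qs(parts.query, keep_blank_values=True).get('UID', []):
            decoded = normalize(uid)  # parse_qs already decoded one layer
            if TRAVERSAL_RE.search(decoded):
                hits.append((m.group('ip'), int(m.group('status')), decoded))
    return hits
```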