Vulnerability Details CVE-2025-2264
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.695
EPSS Ranking 98.6%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-2264
-
cpe:2.3:a:santesoft:sante_pacs_server:4.1.0