{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2018-25142", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-12-24T14:28:02.435Z", "datePublished": "2025-12-24T19:27:48.350Z", "dateUpdated": "2025-12-24T20:25:54.871Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-24T19:27:48.350Z" }, "datePublic": "2018-09-07T00:00:00.000Z", "title": "NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection", "descriptions": [ { "lang": "en", "value": "NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack." } ], "problemTypes": [ { "descriptions": [ { "lang": "en", "description": "Improper Restriction of XML External Entity Reference", "cweId": "CWE-611", "type": "CWE" } ] } ], "affected": [ { "vendor": "NovaRad Corporation", "product": "NovaPACS Diagnostics Viewer", "versions": [ { "version": "8.5.19.75", "status": "affected" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 7.1, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS" }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "references": [ { "url": "https://www.exploit-db.com/exploits/45337", "name": "ExploitDB-45337", "tags": [ "exploit" ] }, { "url": "https://www.novarad.net", "name": "NovaRad Corporation Product Homepage", "tags": [ "product" ] }, { "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5488.php", "name": "Zero Science Lab Disclosure (ZSL-2018-5488)", "tags": [ "third-party-advisory" ] } ], "credits": [ { "lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder" } ], "x_generator": { "engine": "vulncheck" } }, "adp": [ { "references": [ { "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5488.php", "tags": [ "exploit" ] }, { "url": "https://www.exploit-db.com/exploits/45337", "tags": [ "exploit" ] } ], "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2025-12-24T20:12:13.751199Z", "id": "CVE-2018-25142", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-24T20:25:54.871Z" } } ] } }