Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
CGM NETRAAD imageserver Module Allows Unauthorized Database Access
CVE-2025-10350
Summary
A flaw in the imageserver module of CGM NETRAAD software lets an attacker connected to a PACS system access sensitive database information, including data processed by GCM CLININET software. This issue affects older versions of CGM NETRAAD, specifically those without the 7.9.0 update. To protect your system, update to the latest version of the software.
Original title
SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by ...
Original description
SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9.0.
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026