Security Advisory

CVE-2022-2120

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-24 15:00:18

Last updated 2025-11-03 19:26:45

Assigner icscert

State PUBLISHED

Description

OFFIS DCMTKs (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

← Browse all CVEs View on cve.org ↗