CGM NETRAAD SQL Injection Vulnerability in Imageserver Module

Vulnerability

A SQL injection vulnerability has been identified in the 'imageserver' module of CGM NETRAAD software, affecting versions prior to 7.9.0. This vulnerability arises when the software processes C-FIND queries, allowing an attacker connected to the PACS to access the database. The exploitation of this vulnerability could lead to unauthorized access to data processed by CGM CLININET software.

Impact

Exploitation of this vulnerability allows for unauthorized database access, including sensitive information handled by the CGM CLININET software.

Added: Mar 2, 2026, 12:21 PM

Updated: Mar 2, 2026, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.1

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.1

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CGM NETRAAD SQL Injection Vulnerability in Imageserver Module

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating