CVE-2025-3480

Name of the Vulnerable Software and Affected Versions MedDream WEB DICOM Viewer (affected versions not specified)

Description This issue allows network-adjacent attackers to disclose sensitive information on affected installations. The flaw exists within the Web Portal due to the lack of encryption when transmitting credentials. An attacker can leverage this to disclose transmitted credentials, leading to further compromise. Authentication is not required to exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.