CVE-2025-30057 | CGM CLININET up to 2024.MS3 UHCRTFDoc ConvertToPDF filename code injection

Inserito da Angelo Barbosa | Ago 27, 2025 | CVE

A vulnerability, which was classified as critical, has been found in CGM CLININET up to 2024.MS3. This issue affects the function ConvertToPDF of the component UHCRTFDoc. Performing manipulation of the argument filename results in code injection.

This vulnerability is reported as CVE-2025-30057. The attacker must have access to the local network to execute the attack. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-30057 | CGM CLININET up to 2024.MS3 UHCRTFDoc ConvertToPDF filename code injection

Post correlati

CVE-2024-9552 | D-Link DIR-605L 2.13B01 BETA formSetWanNonLogin webpage buffer overflow

CVE-2024-28327 | Asus RT-N12+ B1 Setting cleartext storage

CVE-2024-52279 | Apache Zeppelin up to 0.11.x JDBC URL Validation input validation

CVE-2025-7500 | Ocean Social Sharing Plugin up to 2.2.1 on WordPress cross site scripting