CVE-2025-3480 – MedDream WEB DICOM Viewer Information Disclosure (Cleartext Transmission of Credentials)

May 22, 2025

CVE ID : CVE-2025-3480

Published : May 22, 2025, 1:15 a.m. | 1 hour, 35 minutes ago

Description : MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Web Portal. The issue results from the lack of encryption when transmitting credentials. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-25842.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3881 – eCharge Hardy Barth cPH2 NTP Command Injection Remote Code Execution

Next Article CVE-2025-2759 – GStreamer Privilege Escalation Vulnerability

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

A million customer conversations with AI agents yielded this surprising lesson

Bookworms: Don’t skip this Kindle Paperwhite Essentials bundle that’s on sale

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

Keyboard Testing in Accessibility Testing

Keyboard Testing in Accessibility Testing

Implementation of Custom Tables in Optimizely Configured Commerce

Token Limit – Monitor token usage in AI context files

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

dano – hashdeep/md5tree for media files

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

CVE-2025-3480 – MedDream WEB DICOM Viewer Information Disclosure (Cleartext Transmission of Credentials)

CVE-2025-20694 – Intel Bluetooth Denial of Service Vulnerability

CVE-2025-20693 – Intel Wireless LAN STA Driver Out-of-Bounds Read Information Disclosure Vulnerability

Gemini 2.0 is now available to everyone

CVE-2025-7154 – TOTOLINK N200RE OS Command Injection Vulnerability

This Dell PC was “possibly the best value for its price range of any Windows laptop” — now it’s $350 off

Codeless Test Automation: Does It Live Up To the Hype (And How to Make the Most Out of It)?

CVE-2025-28969 – Cybio Gallery Widget SQL Injection

TACO Trump Always Chickens Out Shirt

CVE-2025-46239 – Theme Switcha Cross-site Scripting Vulnerability

CVE-2025-34087 – Pi-hole Command Injection Vulnerability

CVE-2025-3480 – MedDream WEB DICOM Viewer Information Disclosure (Cleartext Transmission of Credentials)

Related Posts