NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack.
PUBLISHED | 5.2 | CWE-611
NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection
Problem type
Affected products
NovaRad Corporation
NovaPACS Diagnostics Viewer
8.5.19.75 - AFFECTED
References
ExploitDB-45337
https://www.exploit-db.com/exploits/45337
NovaRad Corporation Product Homepage
https://www.novarad.net
Zero Science Lab Disclosure (ZSL-2018-5488)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5488.php
GitHub Security Advisories
GHSA-ghwc-hrr9-vj2w
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity ...
https://github.com/advisories/GHSA-ghwc-hrr9-vj2w
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2018-25142
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2018-25142",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2025-12-24T20:25:54.871Z",
"dateReserved": "2025-12-24T14:28:02.435Z",
"datePublished": "2025-12-24T19:27:48.350Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2025-12-24T19:27:48.350Z"
},
"datePublic": "2018-09-07T00:00:00.000Z",
"title": "NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection",
"descriptions": [
{
"lang": "en",
"value": "NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack."
}
],
"affected": [
{
"vendor": "NovaRad Corporation",
"product": "NovaPACS Diagnostics Viewer",
"versions": [
{
"version": "8.5.19.75",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Improper Restriction of XML External Entity Reference",
"cweId": "CWE-611",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/45337",
"name": "ExploitDB-45337",
"tags": [
"exploit"
]
},
{
"url": "https://www.novarad.net",
"name": "NovaRad Corporation Product Homepage",
"tags": [
"product"
]
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5488.php",
"name": "Zero Science Lab Disclosure (ZSL-2018-5488)",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
}
],
"credits": [
{
"lang": "en",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab",
"type": "finder"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-24T20:25:54.871Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5488.php",
"tags": [
"exploit"
]
},
{
"url": "https://www.exploit-db.com/exploits/45337",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}