Browse all 4 CVE security advisories affecting ExtremePACS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ExtremePacs is a healthcare IT solution focused on patient data management and medical imaging workflows. Historically, the system has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls in web interfaces and API endpoints. While no major public security incidents have been widely documented, the consistent pattern of critical vulnerabilities suggests ongoing challenges in secure development practices, potentially exposing sensitive patient data to unauthorized access or system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-7872 | Sensetive Data Exposure in ExtremePACS' Extreme XDS — Extreme XDSCWE-201 | 7.6 | High | 2025-03-06 |
| CVE-2024-4341 | IDOR in ExtremePacs's Extreme XDS — Extreme XDSCWE-639 | 6.5 | Medium | 2024-07-08 |
| CVE-2023-6523 | IDOR in ExtremePacs's Extreme XDS — Extreme XDSCWE-639 | 8.8 | High | 2024-04-05 |
| CVE-2023-6522 | Information Disclosure in ExtremePacs's Extreme XDS — Extreme XDSCWE-648 | 7.2 | High | 2024-04-05 |
This page lists every published CVE security advisory associated with ExtremePACS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.