Vulnerability CVE-2021-39369


Published: 2022-12-26

Description:
In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.

 References:
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
https://www.usa.philips.com/healthcare
https://www.youtube.com/watch?v=7zC84TNpIxw

Copyright 2026, cxsecurity.com

 

Back to Top