CVE-2020-37009
Unknown Unknown - Not Provided
Authenticated Remote Code Execution in MedDream PACS Server Upload Endpoint

Publication date: 2026-01-29

Last updated on: 2026-01-29

Assigner: VulnCheck

Description
MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. Attackers can exploit the uploadImage.php endpoint by authenticating and uploading a PHP shell to execute arbitrary system commands with elevated privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37009
EUVD
EUVD-2020-30904
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
meddream meddream_pacs_server 6.8.3.751
meddream meddream_pacs_server 6.8.3.1.751
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37009 is an authenticated remote code execution vulnerability in MedDream PACS Server version 6.8.3.751. Authenticated users can exploit the uploadImage.php endpoint to upload malicious PHP files, such as a PHP shell, which allows them to execute arbitrary system commands with elevated privileges on the server. This occurs due to improper validation of uploaded files and insufficient access controls, enabling attackers to gain system-level access. [1, 2]

Impact Analysis

This vulnerability can allow an authenticated attacker to execute arbitrary system commands on the MedDream PACS Server with elevated privileges. This can lead to full system compromise, unauthorized access to sensitive medical images and data, disruption of service, and potential further attacks within the network. The attacker could gain system-level access, potentially compromising confidentiality, integrity, and availability of the system. [1, 2]

Detection Guidance

This vulnerability can be detected by checking for unauthorized or suspicious PHP files uploaded via the uploadImage.php endpoint after authenticating. One approach is to monitor HTTP POST requests to uploadImage.php and look for PHP payloads. Additionally, you can attempt to authenticate and upload a test PHP shell to verify if the upload is possible. Commands to detect exploitation attempts include using curl or wget to simulate the upload and then accessing the uploaded PHP shell with commands like `curl http://target/uploaded_shell.php?cmd=whoami` to check for command execution. Monitoring web server logs for POST requests to uploadImage.php and subsequent GET requests to suspicious PHP files can also help detect exploitation. [2]

Mitigation Strategies

Immediate mitigation steps include upgrading the MedDream PACS Server to a fixed version released after May 4, 2020 (version 6.8.3.1.751 or later) that patches this vulnerability. Additionally, restrict authenticated user permissions to prevent uploading executable files, implement strict validation and filtering of uploaded files to disallow PHP or other executable scripts, and monitor for suspicious upload activity. If upgrading immediately is not possible, consider disabling the uploadImage.php endpoint or restricting access to it to trusted users only. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37009. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart