CVE-2025-1537

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Feb 21, 2025

CWE ID 74

CWE ID 89

Summary

CVE-2025-1537 is a critical vulnerability identified in Harpia DiagSystem 12. This issue is linked to the processing of the file /diagsystem/PACS/atualatendimento_jpeg.php, where an sql injection can occur due to the manipulation of the argument codexame. The exploit, which allows remote attack, has been publicly disclosed, increasing the risk for potential exploitation. Despite early notification, the vendor has not taken any action to address this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3izeFN
https://www.cve.org/CVERecord?id=CVE-2025-1537
https://nvd.nist.gov/vuln/detail/CVE-2025-1537

Back to Vulnerability Database

CVE-2025-1537

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations