Sante PACS Server HTTP Content-Length Header Handling NULL Pointer Dereference Denial-of-Service Vulnerability

December 17th, 2025
ZDI-25-1104 ZDI-CAN-26770

CVE ID

CVE-2025-14501

CVSS Score

7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Vendors

Sante

Affected Products

PACS Server

Vulnerability Details

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of HTTP Content-Length header. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Additional Details

Fixed in version 4.2.3


Disclosure Timeline

  • 2025-06-12 - Vulnerability reported to vendor
  • 2025-12-17 - Coordinated public release of advisory
  • 2025-12-17 - Advisory Updated

Credit

Artur Mattern

Back to Advisories