Executive Summary
CVE-2026-56445 is a critical path traversal vulnerability (CVSS 9.1) in the qrscp DICOM application. The C-STORE request handler passes an attacker-supplied instance UID from a crafted DICOM dataset directly into os.path.join() without sanitization, allowing a remote unauthenticated attacker to write files to arbitrary paths on the server filesystem.
Medical imaging infrastructure running affected qrscp deployments is at risk of complete server compromise through malicious file writes.
| Attribute | Value |
|---|---|
| CVE ID | CVE-2026-56445 |
| CVSS Score | 9.1 (Critical) |
| Type | Path Traversal / Arbitrary File Write |
| Component | qrscp C-STORE handler |
| Attack Vector | Network |
| Authentication | None required |
| User Interaction | None |
| Published | June 25, 2026 |
Vulnerability Details
Root Cause
The qrscp application's C-STORE handler — the DICOM protocol component that receives and stores medical image objects — uses a specific instance UID extracted from attacker-supplied DICOM datasets to construct a file path:
# Vulnerable pattern (simplified)
file_path = os.path.join(storage_dir, instance_uid)Because instance_uid is taken directly from the incoming DICOM dataset without sanitization, an attacker can craft a dataset where the instance UID contains path traversal sequences (e.g., ../../../../etc/cron.d/backdoor). The os.path.join() call honours these sequences, allowing the resulting write to land outside the intended storage directory at any location writable by the process.
Attack Scenario
1. Attacker identifies exposed qrscp DICOM listener (default port 104/11112)
2. Attacker crafts a DICOM C-STORE request with malicious instance UID:
e.g., Instance UID = "../../etc/cron.d/rce"
3. qrscp processes the C-STORE: os.path.join(storage_dir, "../../etc/cron.d/rce")
4. File is written to /etc/cron.d/rce containing a reverse shell payload
5. Cron executes the payload — attacker gains OS-level code executionWhy DICOM Is Particularly Risky
- DICOM port 104 is often internet-exposed in healthcare environments lacking proper network segmentation
- No authentication by default — the DICOM protocol itself requires no auth for C-STORE operations in basic configurations
- Process typically runs with elevated privileges to write to storage directories
- Healthcare targets are high-value for ransomware groups and nation-state actors due to the sensitivity of patient data
Affected Software
| Software | Component | Status |
|---|---|---|
| qrscp (pynetdicom) | C-STORE handler | Vulnerable — patch status pending |
DICOM-capable software using the qrscp application as a storage SCP (Service Class Provider) is affected. Organizations running pynetdicom-based DICOM listeners should audit their deployments immediately.
Immediate Remediation
Priority Actions
- Audit all DICOM listener configurations — identify any
qrscp-based deployments exposed to untrusted networks - Apply vendor patches — check the pynetdicom GitHub repository for a fix and apply immediately
- Restrict DICOM port access — firewall rules should limit TCP 104/11112 to known DICOM peer IP addresses only
- Run qrscp as a least-privilege user — ensure the process cannot write outside its designated storage directory
- Monitor for unexpected file creation — audit file system activity on DICOM storage servers
Interim Mitigations (If Patching Is Delayed)
# Restrict DICOM port to known peer IPs only (example: iptables)
iptables -A INPUT -p tcp --dport 104 -s <trusted-pacs-ip> -j ACCEPT
iptables -A INPUT -p tcp --dport 104 -j DROP
# Run qrscp in a chroot or containerized environment
# Ensure the service account cannot write outside /dicom/storage/Detection
Indicators of Exploitation
| Indicator | Description |
|---|---|
DICOM C-STORE requests with .. in instance UIDs | Path traversal attempt |
| Unexpected files outside DICOM storage directory | Successful exploitation |
| New cron jobs, SSH authorized_keys modifications | Post-exploitation persistence |
| Outbound network connections from DICOM server | C2 communications |
Log Monitoring
Audit DICOM application logs for instance UIDs containing traversal characters (.., /, \). Any such request should be treated as an active exploitation attempt and investigated immediately.
Impact Assessment
A successful exploit against an unprotected qrscp deployment enables:
- Arbitrary file overwrite — attacker can overwrite system files, configuration, or application code
- Cron/init persistence — write cron jobs or systemd units for persistent backdoor access
- Web shell deployment — if a web server is running, write PHP/ASPX web shells to the web root
- Data exfiltration setup — modify existing services to exfiltrate patient records or credentials
- Ransomware staging — pre-position ransomware payloads before detonation
Healthcare environments storing Protected Health Information (PHI) face significant HIPAA breach notification obligations in addition to the operational impact.
Key Takeaways
- CVSS 9.1 Critical — Path traversal via unsanitized
os.path.join()in DICOM C-STORE handler - No authentication required — any network-reachable DICOM listener is at risk
- Healthcare environments are primary targets — DICOM servers are often poorly segmented
- Patch immediately and firewall DICOM ports to known-trusted peers
- Monitor for anomalous file creation on DICOM storage servers as an exploitation indicator