CRITICAL
Hyland
CVE published 2026-07-01
CVE-2026-58127
PACSgear MediaWriter 5.2.1 is vulnerable to unauthenticated remote code execution via a .NET Remoting TCP service on port 9000. The service, registered with ObjectURIs RemoteObj and UIRemoteObj, lacks authentication. An attacker can exploit this using the MarshalByRefObject object unmarshalling technique and .NET WebClient class methods to read and write arbitrary files. Chaining this with DLL hijacking i [truncated]