Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.CreditsAmitay Dan reported this vulnerability to OrthancSouvik Kandar reported this vulnerability to CISAReferenceshttps://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-02
