CVE-2026-8033

MEDIUM 5.3

PicoTronica e-Clinic Healthcare System ECHS Response Header v2 information disclosure

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. This affects an unknown function of the file /cdemos/echs/api/v2/ of the component Response Header Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. Upgrading to version 5.7.1 mitigates this issue. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

CWE	CWE-200 CWE-284
Vendor	picotronica
Product	e-clinic healthcare system echs
Published	May 6, 2026

Stay Ahead of the Next One

Get instant alerts for picotronica e-clinic healthcare system echs

Be the first to know when new medium vulnerabilities affecting picotronica e-clinic healthcare system echs are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

PicoTronica / e-Clinic Healthcare System ECHS

5.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/361359 vuldb.com: https://vuldb.com/vuln/361359/cti vuldb.com: https://vuldb.com/submit/800793 docs.google.com: https://docs.google.com/document/d/1dBJAAYyNpktnOBSCJPJGUMdfjb-Vj3PTy5oNj8RjeQ8/edit?usp=sharing

Credits

VulDB CNA Team