File Download Vulnerability in OpenEMR by OpenEMR
CVE-2019-14530

8.8HIGH

Key Information:

Vendor

Open-emr

Status
Openemr
Vendor
CVE Published:
13 August 2019

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 60%

What is CVE-2019-14530?

A vulnerability exists in the ajax_download.php file of OpenEMR prior to version 5.0.2, where an attacker can exploit the fileName parameter to gain unauthorized access to files on the server. This can result in the download of any file that is readable by the user 'www-data'. Additionally, if the requested file is writable and located in the /var/www/openemr/sites/default/documents/cqm_qrda/ directory, it can be deleted, potentially causing data loss. This highlights significant security risks and the need for immediate updates to mitigate exposure.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

exploit-CVE-2019-14530
Created by sec-it

CVE-2019-14530
Created by Wezery

References

https://github.com/openemr/openemr/pull/2592
x_refsource_MISC
https://github.com/Wezery/CVE-2019-14530
x_refsource_MISC
http://packetstormsecurity.com/files/163215/OpenEMR-5.0.1...
x_refsource_MISC

EPSS Score

60% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.