Privilege Escalation Vulnerability in OpenEMR by OpenEMR Team
CVE-2024-26476

Currently unrated

Key Information:

Vendor: OpenEMR Team
Status: OpenEMR
Vendor: CVE Published:; 28 February 2024

🔔 Create OpenEMR Team Vulnerability Alert

What is CVE-2024-26476?

A vulnerability exists in OpenEMR versions prior to 7.0.2, where a remote attacker can exploit the ereq_form.php component. By crafting a malicious script targeting the formid parameter, the attacker is able to escalate their privileges, potentially leading to unauthorized access and control over sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/mpdf/mpdf/issues/867

https://github.com/c4v4r0n/Research/blob/main/openemr_Bli...

Timeline

Vulnerability published
Feb 28, 2024
Vulnerability Reserved
Feb 19, 2024

JSON

OpenEMR Team

What is CVE-2024-26476?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.