OpenEMR Remote Code Execution Vulnerability in EtherFaxActions.php
CVE-2026-24848
8.7HIGH
What is CVE-2026-24848?
In OpenEMR versions 7.0.4 and earlier, a vulnerability exists in the disposeDocument() method of EtherFaxActions.php that allows authenticated users to write arbitrary content to unauthorized locations on the server filesystem. This flaw could be exploited to perform Remote Code Execution (RCE), enabling attackers to upload malicious PHP web shells, which could lead to a full compromise of the system. Proper validation and sanitization of inputs are essential to mitigate this risk.
Affected Version(s)
openemr <= 7.0.4
References
EPSS Score
6% chance of being exploited in the next 30 days.
CVSS V4
Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
