Lucene search

K

AttackerKBAKB:CC8965D5-97BC-4618-BABB-A087A2406B74

HistoryAug 13, 2019 - 12:00 a.m.

CVE-2019-14530

2019-08-1300:00:00

attackerkb.com

6

0.793 High

EPSS

Percentile

98.3%

An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.

Recent assessments:

noraj at July 08, 2021 7:42pm UTC reported:

Title: OpenEMR < 5.0.2 – (Authenticated) Path Traversal – Local File Disclosure
Vulnerable version: < 5.0.2 (it means up to 5.0.1.7)
Patch: <https://github.com/openemr/openemr/pull/2592/files>
Docker PoC: <https://github.com/sec-it/exploit-CVE-2019-14530/blob/master/docker-compose.yml>

Assessed Attacker Value: 4
Assessed Attacker Value: 4Assessed Attacker Value: 4

References

packetstormsecurity.com/files/163215/OpenEMR-5.0.1.7-Path-Traversal.html

packetstormsecurity.com/files/163375/OpenEMR-5.0.1.7-Path-Traversal.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14530

github.com/openemr/openemr/pull/2592

github.com/sec-it/exploit-CVE-2019-14530

github.com/Wezery/CVE-2019-14530

0.793 High

EPSS

Percentile

98.3%

Related for AKB:CC8965D5-97BC-4618-BABB-A087A2406B74

exploitdb3 githubexploit2 packetstorm3 osv1 zdt3 cvelist1 prion1 nuclei1 nvd1 cve1 openvas1