OpenEMR.Authenticated.Import.Template.PHP.Path.Traversal
Description
This indicates an attack attempt to exploit a Path Traversal vulnerability in OpenEMR.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling HTTP request. An authenticated remote attacker may be able to exploit this to access files in arbitrary location on the system, leading to possible remote code execution.
Affected Products
OPEN EMR version 5.0.1.3 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.open-emr.org/wiki/index.php/OpenEMR_Patches
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |