virus logo Intrusion Prevention

OpenEMR.new.php.File.Inclusion

description-logoDescription

This indicates an attack attempt to exploit a File Inclusion vulnerability in OpenEMR.
The vulnerability is due to insufficient sanitizing of a parameter for the new.php endpoint. A remote attacker may be able to exploit this to include a malicious payload-containing file with suffix .plugin.php.

affected-products-logoAffected Products

OpenEMR prior to 7.0.0.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.open-emr.org/wiki/index.php/OpenEMR_Patches

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-02-22 22.500 Default_action:pass:drop
2023-02-14 22.495
ID 52614
Created Feb 06, 2023
Updated Apr 18, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app