CVE-2019-14530

Public Exploit

Description

An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.

References

Link	Tags
https://github.com/openemr/openemr/pull/2592	third party advisory patch
https://github.com/Wezery/CVE-2019-14530	third party advisory exploit
http://packetstormsecurity.com/files/163215/OpenEMR-5.0.1.7-Path-Traversal.html	exploit vdb entry third party advisory
http://packetstormsecurity.com/files/163375/OpenEMR-5.0.1.7-Path-Traversal.html	exploit vdb entry third party advisory
https://github.com/Hacker5preme/Exploits/tree/main/CVE-2019-14530-Exploit	third party advisory exploit

Frequently Asked Questions

What is the severity of CVE-2019-14530?: CVE-2019-14530 has been scored as a high severity vulnerability.
How to fix CVE-2019-14530?: To fix CVE-2019-14530, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-14530 being actively exploited in the wild?: It is possible that CVE-2019-14530 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~79% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-22 – Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

References

Frequently Asked Questions