Arbitrary Command Execution Vulnerability in OpenEMR Scanned Forms Interface

Arbitrary Command Execution Vulnerability in OpenEMR Scanned Forms Interface

CVE-2019-3968 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.

Learn more about our Web Application Penetration Testing UK.