CVE-2019-14530

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 5.0.2

Description An issue was discovered in the custom/ajax download.php file via the fileName parameter, allowing an attacker to download any file readable by the user www-data from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm qrda/ exists, it will be deleted from the server.

Recommendations For versions prior to 5.0.2, update to version 5.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the custom/ajax download.php file and the fileName parameter to minimize the risk of exploitation.