PT-2019-9405 · Openemr · Openemr

Published 2019-05-17 · Updated 2019-05-20 · CVE-2018-17180

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

OpenEMR versions prior to 5.0.1 Patch 7

Description

A directory traversal issue allows access to files outside the intended directory. It is triggered by sending a docid parameter value such as ../ to the /portal/lib/download_template.php endpoint.

Recommendations

For versions prior to 5.0.1 Patch 7, update to version 5.0.1 Patch 7 or later to resolve the issue. As a temporary workaround, consider restricting access to the /portal/lib/download_template.php endpoint to minimize the risk of exploitation. Until the issue is resolved, avoid using the docid parameter with values that could facilitate directory traversal.
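
To check whether the endpoint has already received traversing docid values, the following added example (not part of the original advisory or of OpenEMR) scans web access logs for them. It assumes combined-format log lines, that docid arrives in the query string (a value sent in a request body does not appear in access logs), and that the endpoint path is /portal/lib/download_template.php; the sample lines and helper names are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint and parameter named in the advisory.
ENDPOINT = "/portal/lib/download_template.php"
PARAM = "docid"

# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(docid):
    """True if the decoded value contains a '..' path segment."""
    segments = decode_fully(docid).replace("\\", "/").split("/")
    return ".." in segments

def suspicious_requests(log_lines):
    """Return (line_number, decoded_docid) for traversing docid values sent to ENDPOINT."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group("target"))
        # endswith() tolerates an install prefix such as /openemr (assumption).
        if not decode_fully(target.path).endswith(ENDPOINT):
            continue
        for docid in parse_qs(target.query, keep_blank_values=True).get(PARAM, []):
            if is_traversal(docid):
                hits.append((number, decode_fully(docid)))
    return hits

# Constructed sample lines, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [20/May/2019:10:00:01 +0000] "GET /portal/lib/download_template.php?docid=intake_form.tpl HTTP/1.1" 200 812',
    '192.0.2.11 - - [20/May/2019:10:00:02 +0000] "GET /portal/lib/download_template.php?docid=..%2F..%2Fexample.txt HTTP/1.1" 200 95',
    '192.0.2.11 - - [20/May/2019:10:00:03 +0000] "GET /openemr/portal/lib/download_template.php?docid=%252e%252e%252fexample.txt HTTP/1.1" 200 95',
    '192.0.2.12 - - [20/May/2019:10:00:04 +0000] "GET /portal/lib/download_template.php?docid=form..v2.tpl HTTP/1.1" 200 640',
    '192.0.2.13 - - [20/May/2019:10:00:05 +0000] "GET /portal/index.php?docid=../example.txt HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for number, docid in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: docid={docid!r}")
```

The check matches whole `..` path segments rather than the substring, so a file name such as form..v2.tpl is not flagged.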

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2018-17180

Affected Products

Openemr