PT-2020-15587 · Librehealthio · Librehealth Emr

Boku

Published

2020-09-01

Updated

2020-09-10

CVE-2020-23829

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LibreHealth EHR version 2.0.0

Description The issue allows remote attackers to achieve remote code execution (RCE) on the hosting webserver by uploading a maliciously crafted image through the interface/new/new comprehensive save.php file. This is made possible due to an authenticated file upload vulnerability.

Recommendations For LibreHealth EHR version 2.0.0, consider disabling the file upload functionality in the interface/new/new comprehensive save.php file until a patch is available to prevent remote code execution. Restrict access to this file to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2020-23829

Affected Products

Librehealth Emr

PT-2020-15587 · Librehealthio · Librehealth Emr

CVE-2020-23829

Weakness Enumeration

Related Identifiers

Affected Products

References · 4