CVE-2020-27227

Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.173.3

Description: An exploitable unauthenticated command injection issue exists, allowing specially crafted web requests to execute commands on the server. This can be triggered by sending a web request with parameters containing a specific parameter, potentially enabling the exfiltration of the database, user credentials, and compromise of the underlying operating system.

Recommendations: For OpenClinic GA version 5.173.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.