Intrusion Prevention

OpenEMR.download_template.php.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in OpenEMR Development Team OpenEMR.
A remote, authenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable server. Successful exploitation could allow an attacker to read files from arbitrary locations on the server.

Affected Products

OpenEMR Development Team OpenEMR 5.0.1 and earlier

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.open-emr.org/wiki/index.php/OpenEMR_Downloads

CVE References

CVE-2019-3967