LeakyCreds

CVE-2026-24848 - Vulnerability Analysis

Severity: Critical | CVSS: 9.9

Last Updated: March 4, 2026

OpenEMR - Remote Code Execution

Published: March 3, 2026 | Updated: March 4, 2026 | PoC Available | Remote Exploitable

Overview

OpenEMR <= 7.0.4 contains a remote code execution vulnerability caused by an arbitrary file write via disposeDocument() in EtherFaxActions.php, which lets authenticated users execute code remotely. Exploitation requires user authentication.

Severity & Score

Severity: Critical
CVSS Score: 9.9
EPSS Score: 20.5% (probability of exploitation in the next 30 days)

Impact

Authenticated users can execute arbitrary code remotely, potentially leading to full server compromise.

Mitigation

Update to a version later than 7.0.4 or the latest available version.

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Mar 4, 2026

CVE-2026-24848 - Critical (9.9) OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument() method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary l... https://www.thehackerwire.com/vulnerability/CVE-2026-24848/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack


Details

CVE ID: CVE-2026-24848
Severity: Critical
CVSS Score: 9.9
Type: remote_code_execution
Status: confirmed
EPSS: 20.5%
Social Posts: 1

CWE

  • CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

20.5% (probability of exploitation in the next 30 days)