Home / Vulnerability Intelligence / CVE-2026-24848

CVE-2026-24848 - Vulnerability Analysis

CriticalCVSS: 9.9

Last Updated: March 4, 2026

OpenEMR - Remote Code Execution

Published: March 3, 2026Updated: March 4, 2026PoC AvailableRemote Exploitable

Overview

OpenEMR <= 7.0.4 contains a remote code execution caused by arbitrary file write via disposeDocument() in EtherFaxActions.php, letting authenticated users execute code remotely, exploit requires user authentication.

Severity & Score

Severity: Critical

CVSS Score: 9.9

Impact

Authenticated users can execute arbitrary code remotely, potentially leading to full server compromise.

Mitigation

Update to a version later than 7.0.4 or the latest available version.

References

https://github.com/openemr/openemr/security/advisories/GHSA-5vp5-4rm6-h4c9

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-24848
Severity: Critical
CVSS Score: 9.9
Type: remote_code_execution
Status: confirmed

CWE

CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H