Vulnerability Details CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.058
EPSS Ranking 90.1%
CVSS Severity
CVSS v2 Score 8.5
References
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0004.html
- http://osvdb.org/78731
- http://secunia.com/advisories/47781
- http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
- http://www.securityfocus.com/bid/51788
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72915
- https://www.htbridge.ch/advisory/HTB23069
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0004.html
- http://osvdb.org/78731
- http://secunia.com/advisories/47781
- http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
- http://www.securityfocus.com/bid/51788
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72915
- https://www.htbridge.ch/advisory/HTB23069