TROYANOSYVIRUS
Voltar para CVEs

CVE-2026-24898

CRITICAL
10.0

Descricao

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disclosure vulnerability in the MedEx callback endpoint allows any unauthenticated visitor to obtain the practice's MedEx API tokens, leading to complete third-party service compromise, PHI exfiltration, unauthorized actions on the MedEx platform, and HIPAA violations. The vulnerability exists because the endpoint bypasses authentication ($ignoreAuth = true) and performs a MedEx login whenever $_POST['callback_key'] is provided, returning the full JSON response including sensitive API tokens. This vulnerability is fixed in 8.0.0.

Detalhes CVE

Pontuacao CVSS v3.110.0
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/3/2026
Ultima modificacao3/4/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

open-emr:openemr

Fraquezas (CWE)

CWE-287

Referencias

https://github.com/openemr/openemr/commit/8e4de59ab58222f13abc4e4040128737d857db9c(security-advisories@github.com)
https://github.com/openemr/openemr/security/advisories/GHSA-qwff-3mw7-7rc7(security-advisories@github.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.