| Title | OpenClinica OpenClinica Community Edition 3.13, Changeset 74f4df3481b6 (2017-02-28) and 3.12.2, Changeset 347dcfca3d17 (2016-11-21) Unrestricted Upload |
|---|
| Description | OpenClinica is vulnerable to Remote Code Execution (RCE) via path traversal arbitrary file write in the "Import CRF Data" function. The upload handler trusts the client-supplied filename and accepts ../ traversal, allowing writes outside the intended directory. By targeting the deployed webapp path, an attacker can write a JSP and achieve execution when the file is requested.
A detailed write-up is available in the link provided.
|
|---|
| Source | ⚠️ https://github.com/mikecole-mg/security_findings/blob/main/openclinica/openclinica-rce.md |
|---|
| User | mikecole-mg (UID 89343) |
|---|
| Submission | 10/23/2025 04:37 (6 months ago) |
|---|
| Moderation | 11/09/2025 07:42 (17 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 331642 [OpenClinica Community Edition up to 3.12.2/3.13 CRF Data Import ImportCRFData?action=confirm xml_file path traversal] |
|---|
| Points | 20 |
|---|