CVE-2025-29789
Published: 25 March 2025
Summary
CVE-2025-29789 is a high-severity Relative Path Traversal (CWE-23) vulnerability in Open-Emr Openemr. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly validates user-supplied file paths in OpenEMR's Load Code feature to prevent directory traversal exploitation.
Requires timely remediation by applying the OpenEMR 7.3.0 patch that specifically fixes the directory traversal vulnerability.
Enforces approved authorizations to restrict Load Code feature access to only intended files, blocking unauthorized sensitive file reads.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Directory traversal in a network-accessible web app (OpenEMR) directly enables unauthenticated exploitation of public-facing applications (T1190) and unauthorized reading of arbitrary local system files (T1005).
NVD Description
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue.
Deeper analysisAI
CVE-2025-29789 is a directory traversal vulnerability (CWE-22, CWE-23) in the Load Code feature of OpenEMR, a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are affected, as disclosed on 2025-03-25 with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Unauthenticated attackers with network access can exploit this vulnerability through low-complexity attacks requiring no user interaction. Successful exploitation enables high-impact confidentiality violations, such as unauthorized access to sensitive files on the server, without affecting integrity or availability.
OpenEMR version 7.3.0 addresses the issue with a patch. Security practitioners should consult the GitHub security advisory at https://github.com/openemr/openemr/security/advisories/GHSA-ffpq-2wqj-v8ff and the fixing commit at https://github.com/openemr/openemr/commit/ef3bb7f84ebe8ef54d55416e587ec2fefd065489 for implementation details and upgrade guidance.
Details
- CWE(s)