In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.
[
{
"product": "OpenEMR",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.0.1 and earlier"
}
]
}
]