CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-47702

OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administrative privileges by exploiting the sendFeedback.php endpoint. Attackers can submit malicious requests to trigger unintended actions, such as sending emails or modifying system settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.2%

CVSS Severity

CVSS v3 Score 4.3

References

https://www.exploit-db.com/exploits/50667
https://www.openbmcs.com
https://www.vulncheck.com/advisories/openbmcs-cross-site-request-forgery-csrf-via-sendfeedbackphp
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5691.php

Products affected by CVE-2021-47702

Openbmcs » Openbmcs » Version: 2.4

cpe:2.3:a:openbmcs:openbmcs:2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47702

Products

Pricing

Contact Us