8 matches found
CVE-2021-47701
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...
EUVD-2021-34738
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...
CVE-2021-47701
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...
CVE-2021-47701 OpenBMCS User Management Privilege Escalation
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...
CVE-2021-47701 OpenBMCS User Management Privilege Escalation
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...
CVE-2021-47701
OpenBMCS 2.4 is vulnerable to privilege escalation via update_user_permissions.php. A read user can gain admin rights by manipulating permissions and sending crafted HTTP POST requests to scripts under /plugins/useradmin/. The vulnerability is documented across multiple feeds (including Red Hat a...
OpenBMCS 安全漏洞
OpenBMCS is a building management and control system from OpenBMCS Australia. A security vulnerability exists in OpenBMCS version 2.4, which stems from a privilege manipulation issue in the updateuserpermissions.php script that could lead to elevated privileges...
PT-2025-50231
Name of the Vulnerable Software and Affected Versions OpenBMCS version 2.4 Description The software contains a flaw that allows privilege escalation from a read user to an admin user. This is achieved by manipulating permissions and exploiting a weakness in the update user permissions.php script...