CVE-2021-47703

OpenBMCS Server Side Request Forgery (SSRF) via /php/query.php

CVSS 6.9 MEDIUMEPSS 0.3%CWE-918

OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip' parameter to force the application to make an HTTP request to an arbitrary destination host.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

Affected products

OPEN BMCS · OpenBMCS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/50670 https://www.openbmcs.com https://www.vulncheck.com/advisories/openbmcs-server-side-request-forgery-ssrf-via-phpqueryphp https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5694.php