CVE-2021-47701
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory.
Vendor
Product
CWE
Yayın Tarihi
2025-12-09 21:15:47
Güncelleme
2025-12-17 14:14:10
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-