Security Advisory

CVE-2021-47701

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-09 20:35:24

Last updated 2026-04-07 14:05:28

Assigner VulnCheck

State PUBLISHED

Description

OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in /plugins/useradmin/ directory.

← Browse all CVEs View on cve.org ↗