2025-12-09 20:35:24
VulnCheck
PUBLISHED
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in /plugins/useradmin/ directory.