CVE-2021-47718

HIGH

OpenBMCS 2.4 - Unauthenticated Information Disclosure via Directory Listing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47718. PoCs published by LiquidWorm.

AI-analyzed exploit summary: The document describes an information disclosure vulnerability in OpenBMCS 2.4, where directory listing is enabled on the '/debug/' endpoint, exposing sensitive files. This could allow an attacker to gain full BMS access by leveraging the disclosed information.

Description

OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system information.

Exploits (1)

exploitdb WRITEUP
by LiquidWorm · text · webapps · php
https://www.exploit-db.com/exploits/50671

Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: OpenBMCS 2.4
No auth needed
Prerequisites: Network access to the target system
devstral-2 · analyzed Feb 18, 2026

References (4)

Core References
Exploit, Third Party Advisory, VDB Entry exploit
https://www.exploit-db.com/exploits/50671
Product product
https://www.openbmcs.com
Exploit, Third Party Advisory third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5695.php

Scores

CVSS v3 7.5
EPSS 0.0046
EPSS Percentile 36.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-548
Status published
Products (2)
OPEN BMCS/OpenBMCS 2.4
openbmcs/openbmcs 2.4
Published Dec 09, 2025
Tracked Since Feb 18, 2026