CVE-2021-47702

4.3 MEDIUM

📋 TL;DR

OpenBMCS 2.4 contains a CSRF vulnerability in the sendFeedback.php endpoint that allows attackers to trick authenticated administrators into performing unintended actions. This could lead to unauthorized email sending or system configuration changes. Only OpenBMCS 2.4 installations with administrative web interfaces are affected.

💻 Affected Systems

Products:
  • OpenBMCS
Versions: 2.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrative web interface access; sendFeedback.php endpoint must be accessible.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify system settings, send malicious emails from the system, or potentially chain with other vulnerabilities for further compromise.

🟠 Likely Case

Attackers send spam or phishing emails from the vulnerable system, or make minor configuration changes.

🟢 If Mitigated

With proper CSRF protections and administrative awareness, impact is limited to unsuccessful attack attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking an authenticated administrator to visit a malicious page; exploit code is publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: https://www.openbmcs.com

Restart Required: No

Instructions:

No official patch available; implement workarounds or upgrade to a newer version if available.

🔧 Temporary Workarounds

Implement CSRF Tokens

Applies to: all

Add CSRF protection tokens to sendFeedback.php and verify them on submission.

Modify sendFeedback.php to include and validate CSRF tokens.
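The following is an added example of the token workaround above; it is not OpenBMCS code and the function names, field name and session key are assumptions. It generates a per-session token, emits the hidden form field for the feedback form, validates the submitted token in constant time, and additionally rejects requests whose Origin/Referer host is not the server's own host (the same condition the log indicators below describe). The guard is meant to run at the very top of sendFeedback.php before any email is sent.

```php
<?php
// Added example (not OpenBMCS code): CSRF protection for a PHP endpoint such as
// sendFeedback.php. Names below (csrf_*, CSRF_FIELD, CSRF_SESSION_KEY) are assumptions.
declare(strict_types=1);

const CSRF_SESSION_KEY = 'csrf_token';   // key in $_SESSION (assumed name)
const CSRF_FIELD       = 'csrf_token';   // hidden form field name (assumed name)

// Start the session with cookie flags that also blunt cross-site submissions:
// SameSite=Lax stops the browser attaching the session cookie to cross-site POSTs.
function csrf_start_session(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
    session_start();
}

// Create the per-session token once and return it on every later call.
function csrf_token(): string
{
    csrf_start_session();
    if (empty($_SESSION[CSRF_SESSION_KEY])) {
        $_SESSION[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_SESSION_KEY];
}

// Hidden input to place inside the feedback <form> that posts to sendFeedback.php.
function csrf_field(): string
{
    return '<input type="hidden" name="' . CSRF_FIELD . '" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Compare the submitted token with the session token using a constant-time check.
function csrf_validate(array $post): bool
{
    csrf_start_session();
    $expected = $_SESSION[CSRF_SESSION_KEY] ?? '';
    $given    = $post[CSRF_FIELD] ?? '';
    if ($expected === '' || !is_string($given) || $given === '') {
        return false;
    }
    return hash_equals($expected, $given);
}

// Defence in depth: a legitimate form submission carries an Origin (or at least a
// Referer) whose host is this server. A missing or foreign value is rejected.
function csrf_same_origin(array $server, string $expectedHost): bool
{
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    if ($source === '') {
        return false;
    }
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// Guard for the top of sendFeedback.php: only state-changing (POST) requests are checked.
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    $ownHost = $_SERVER['SERVER_NAME'] ?? 'localhost';
    if (!csrf_validate($_POST) || !csrf_same_origin($_SERVER, $ownHost)) {
        http_response_code(403);
        exit('Request rejected: missing or invalid CSRF token, or cross-site origin.');
    }
    // ... the original feedback-sending logic continues here ...
}
```

The form page that leads to sendFeedback.php must echo csrf_field() inside its form, and the token must never be placed in a URL or in a GET-accessible page that other origins can read; the Origin/Referer check is a second layer only, because some clients strip Referer, which is why the token remains the primary control.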

Restrict Access to sendFeedback.php

Applies to: all

Limit access to the vulnerable endpoint via web server configuration or authentication.

Add access control rules in Apache/Nginx configuration for sendFeedback.php.

🧯 If You Can't Patch

  • Implement strict SameSite cookie policies and require re-authentication for sensitive actions.
  • Use web application firewalls (WAF) to detect and block CSRF attempts.

🔍 How to Verify

Check if Vulnerable:

Check if sendFeedback.php exists and lacks CSRF protection by reviewing the source code or testing with CSRF PoC tools.

Check Version:

Check OpenBMCS version in web interface or configuration files.

Verify Fix Applied:

Test that sendFeedback.php now requires valid CSRF tokens and rejects unauthorized requests.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to sendFeedback.php from unexpected sources or without referrer headers.

Network Indicators:

  • HTTP POST requests to sendFeedback.php whose Referer or Origin header is missing or points to a host other than the OpenBMCS server, which is what a browser sends when a cross-site page submits the form on an administrator's behalf.

SIEM Query:

source="web_logs" AND uri="/sendFeedback.php" AND method="POST" AND NOT referrer CONTAINS "expected_domain"
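As an added example of the log indicator and SIEM query above (not part of the advisory, and not OpenBMCS code), this script applies the same rule offline to web server access log lines in the Apache/Nginx "combined" format: a POST to sendFeedback.php is flagged when its Referer is absent or names a host other than the trusted one. The log lines are constructed for the example and the trusted host name bmcs.example.internal is a placeholder.

```php
<?php
// Added example (not OpenBMCS code): flag POST requests to sendFeedback.php whose
// Referer is missing or foreign. Log lines below are constructed sample data.
declare(strict_types=1);

// "combined" format: ip - user [time] "METHOD path proto" status bytes "referer" "user-agent"
const COMBINED_RE = '/^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "[^"]*"$/';

// Parse one combined-format line into named fields; null if the line does not match.
function parse_combined(string $line): ?array
{
    if (!preg_match(COMBINED_RE, $line, $m)) {
        return null;
    }
    return [
        'ip'      => $m[1],
        'user'    => $m[2],
        'time'    => $m[3],
        'method'  => $m[4],
        'path'    => $m[5],
        'status'  => (int) $m[6],
        'referer' => $m[7],
    ];
}

// Return a reason string when the entry matches the CSRF indicator, else null.
function csrf_indicator(array $e, string $trustedHost): ?string
{
    $path = parse_url($e['path'], PHP_URL_PATH);
    if ($e['method'] !== 'POST' || basename((string) $path) !== 'sendFeedback.php') {
        return null;                               // only POSTs to the endpoint matter
    }
    $ref = $e['referer'];
    if ($ref === '' || $ref === '-') {
        return 'missing referrer';
    }
    $host = parse_url($ref, PHP_URL_HOST);
    if (!is_string($host) || strcasecmp($host, $trustedHost) !== 0) {
        return 'foreign referrer host: ' . (is_string($host) ? $host : '(unparseable)');
    }
    return null;
}

// Run the indicator over a list of raw log lines and collect the hits.
function find_csrf_candidates(array $lines, string $trustedHost): array
{
    $hits = [];
    foreach ($lines as $line) {
        $e = parse_combined($line);
        if ($e === null) {
            continue;                              // skip lines in an unexpected format
        }
        $reason = csrf_indicator($e, $trustedHost);
        if ($reason !== null) {
            $hits[] = ['time' => $e['time'], 'ip' => $e['ip'], 'user' => $e['user'], 'reason' => $reason];
        }
    }
    return $hits;
}

// Constructed sample log lines (not real traffic).
$sampleLog = [
    '10.0.0.5 - admin [12/Mar/2024:10:01:02 +0000] "POST /sendFeedback.php HTTP/1.1" 200 512 "https://bmcs.example.internal/feedback.php" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Mar/2024:10:07:44 +0000] "POST /sendFeedback.php HTTP/1.1" 200 512 "http://other.example.net/page.html" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Mar/2024:10:09:10 +0000] "POST /sendFeedback.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [12/Mar/2024:10:10:00 +0000] "GET /sendFeedback.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
];

foreach (find_csrf_candidates($sampleLog, 'bmcs.example.internal') as $hit) {
    printf("[%s] %s user=%s -> %s\n", $hit['time'], $hit['ip'], $hit['user'], $hit['reason']);
}
```

Against the constructed lines the first entry is a normal same-site submission and the GET is ignored; the second and third are reported (foreign and missing referrer). The same host comparison is what the SIEM query expresses with NOT referrer CONTAINS "expected_domain", but matching on the parsed host avoids a substring match being satisfied by an attacker-controlled URL that merely contains the trusted name.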
