CVE-2021-47704

6.5 MEDIUM

📋 TL;DR

OpenBMCS 2.4 contains an SQL injection vulnerability in the /debug/obix_test.php endpoint that allows authenticated attackers to execute arbitrary SQL commands. This enables attackers to read, modify, or delete database contents. Organizations running OpenBMCS 2.4 with the debug endpoint accessible are affected.

💻 Affected Systems

Products:
  • OpenBMCS
Versions: 2.4
Operating Systems: All platforms running OpenBMCS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to the vulnerable endpoint /debug/obix_test.php

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, data manipulation, privilege escalation, and potential system takeover via subsequent attacks.

🟠 Likely Case

Unauthorized access to sensitive database information, potential data leakage, and integrity violations.

🟢 If Mitigated

Limited impact due to proper input validation, parameterized queries, and restricted debug endpoint access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authentication but is trivial to carry out via crafted GET requests with malicious 'id' parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.openbmcs.com

Restart Required: No

Instructions:

1. Check vendor website for security updates
2. Apply any available patches
3. Verify fix by testing the vulnerable endpoint

🔧 Temporary Workarounds

Disable Debug Endpoint

linux

Remove or restrict access to the vulnerable /debug/obix_test.php file

mv /path/to/openbmcs/debug/obix_test.php /path/to/openbmcs/debug/obix_test.php.disabled
chmod 000 /path/to/openbmcs/debug/obix_test.php.disabled

Implement Input Validation

all

Add proper input sanitization and parameterized queries to the vulnerable script

🧯 If You Can't Patch

  • Implement strict network access controls to restrict access to the debug endpoint
  • Deploy a web application firewall (WAF) with SQL injection protection rules

🔍 How to Verify

Check if Vulnerable:

Test if /debug/obix_test.php is accessible and responds to SQL injection attempts with crafted 'id' parameters

Check Version:

Check OpenBMCS documentation or configuration files for version information

Verify Fix Applied:

Confirm the endpoint is no longer accessible or properly sanitizes input

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple requests to /debug/obix_test.php with suspicious parameters
  • Database error messages containing SQL syntax

Network Indicators:

  • HTTP GET requests to /debug/obix_test.php with SQL keywords in parameters
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri_path="/debug/obix_test.php" AND (param_id CONTAINS "UNION" OR param_id CONTAINS "SELECT" OR param_id CONTAINS "--")
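
The SIEM query above matches raw, case-sensitive parameter text, so percent-encoded or mixed-case values pass it. The following added example (not part of the original advisory or of OpenBMCS) applies the same indicators to access-log lines after URL-decoding the 'id' parameter. It assumes Combined Log Format logs; the quote-character token and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/debug/obix_test.php"  # path named in the advisory
# Tokens from the SIEM query, plus a single quote (added assumption).
SQL_TOKENS = re.compile(r"\bunion\b|\bselect\b|--|'", re.IGNORECASE)
# Combined Log Format: client ip ... "METHOD target HTTP/x.y" status
REQUEST = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def suspicious_id(value):
    """True when a decoded id value carries one of the SQL tokens."""
    return bool(SQL_TOKENS.search(value))

def scan(lines):
    """Return (client_ip, decoded_id) for each flagged request to ENDPOINT."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parsable access-log line
        url = urlsplit(m.group("target"))
        if url.path.lower() != ENDPOINT:
            continue
        # parse_qs percent-decodes values, so %20UNION%20 is matched too.
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            if suspicious_id(value):
                hits.append((m.group("ip"), value))
    return hits

# Constructed sample lines (documentation IP range, not from a real system).
SAMPLE_LOG = [
    '192.0.2.10 - admin [01/Jan/2024:10:00:00 +0000] "GET /debug/obix_test.php?id=7 HTTP/1.1" 200 512',
    '192.0.2.44 - admin [01/Jan/2024:10:00:05 +0000] "GET /debug/obix_test.php?id=7%20uNiOn%20SeLeCt%201 HTTP/1.1" 200 498',
    '192.0.2.44 - admin [01/Jan/2024:10:00:09 +0000] "GET /debug/obix_test.php?id=7%27-- HTTP/1.1" 500 120',
    '192.0.2.10 - admin [01/Jan/2024:10:00:12 +0000] "GET /index.php?id=select HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"ALERT {ip} id={value!r}")
```
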
