Browse all 5 CVE security advisories affecting OPEN BMCS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OPEN BMCS is a building management and control system designed for monitoring and automation of building infrastructure. Historically, it has been susceptible to multiple vulnerability classes including remote code execution, cross-site scripting, and privilege escalation, as evidenced by its five recorded CVEs. The system's network-exposed nature and default credentials have contributed to its exploitation in unauthorized access scenarios. While no major public incidents have been widely documented, the accumulation of CVEs suggests ongoing security challenges in its architecture and deployment, particularly in environments where legacy configurations remain unpatched.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47718 | OpenBMCS Directory Listing Information Disclosure — OpenBMCSCWE-548 | 7.5AI | HighAI | 2025-12-09 |
| CVE-2021-47704 | OpenBMCS SQL Injection via obix_test.php — OpenBMCSCWE-89 | 6.5AI | MediumAI | 2025-12-09 |
| CVE-2021-47703 | OpenBMCS Server Side Request Forgery (SSRF) via /php/query.php — OpenBMCSCWE-918 | 6.5AI | MediumAI | 2025-12-09 |
| CVE-2021-47702 | OpenBMCS Cross Site Request Forgery (CSRF) via sendFeedback.php — OpenBMCSCWE-352 | 8.8AI | HighAI | 2025-12-09 |
| CVE-2021-47701 | OpenBMCS User Management Privilege Escalation — OpenBMCSCWE-862 | 8.8AI | HighAI | 2025-12-09 |
This page lists every published CVE security advisory associated with OPEN BMCS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.