Vulnerability Database

314,453

Total vulnerabilities in the database

CVE-2021-47703

OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip' parameter to force the application to make an HTTP request to an arbitrary destination host.

Published: Dec 9, 2025
Updated: Dec 20, 2025
CVE: CVE-2021-47703
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWEs:

CWE-918

Affected Software
References

Software	From	Fixed in
openbmcs / openbmcs	2.4	2.4.x

https://www.exploit-db.com/exploits/50670
https://www.openbmcs.com
https://www.vulncheck.com/advisories/openbmcs-server-side-request-forgery-ssrf-via-phpqueryphp
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5694.php

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo