CVE-2021-47718

UNKNOWN 0.0

OpenBMCS Directory Listing Information Disclosure

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system information.

CWE	CWE-548
Vendor	open bmcs
Product	openbmcs
Published	Dec 9, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for open bmcs openbmcs

Be the first to know when new unknown vulnerabilities affecting open bmcs openbmcs are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

OPEN BMCS / OpenBMCS

2.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/50671 openbmcs.com: https://www.openbmcs.com zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5695.php vulncheck.com: https://www.vulncheck.com/advisories/openbmcs-directory-listing-information-disclosure

Credits

LiquidWorm as Gjoko Krstic of Zero Science Lab