OpenBMCS Cross-Site Request Forgery Vulnerability
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in OpenBMCS version 2.4. The sendFeedback.php endpoint does not verify that an incoming HTTP request was deliberately issued by the logged-in user, so a request forged by a third-party website is processed with that user's administrative privileges. If an administrator is tricked into visiting a malicious website while logged in, the attacker can trigger unintended actions such as sending emails or altering system settings.
Impact
Exploitation of this vulnerability could lead to unauthorized actions being performed with administrative rights, such as modifying system configurations or sending emails from the compromised account.
Reproduction
To reproduce this vulnerability, a logged-in user must be directed to a website under the attacker's control that submits a crafted request to the sendFeedback.php endpoint. The request carries the parameters the endpoint expects, such as subject, message, and email, so that the application performs the chosen action (sending an email or changing a system setting) on behalf of that user.
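The missing control is a check that binds a state-changing request to the user's own session rather than to the session cookie alone, which the browser attaches automatically. The following PHP is an added illustration, not OpenBMCS code: it models a feedback handler that takes the email, subject, and message parameters named above, shows the unprotected shape beside a hardened one, and uses a synchronizer token plus an Origin/Referer check. All function names, the csrf_token field, and the allowed host are assumptions for the example; the mailer is a stub, so nothing is sent.

```php
<?php
// Added example, not OpenBMCS code. Function names, the csrf_token field and the
// allowed host are hypothetical; the handler shape follows the advisory's parameters.
declare(strict_types=1);

// Issue a per-session anti-CSRF token; call when rendering the feedback form and
// embed the value in a hidden field named csrf_token.
function issue_csrf_token(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Primary control: the submitted token must equal the one stored in the session.
function verify_csrf_token(array $post, array $session): bool
{
    $expected = $session['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    if (!is_string($expected) || !is_string($given) || $expected === '') {
        return false;
    }
    return hash_equals($expected, $given); // constant-time comparison
}

// Defense in depth: the browser-supplied Origin (or Referer) must name this host.
// A cross-site form post always carries Origin, so a missing header fails closed.
function verify_origin(array $server, string $allowedHost): bool
{
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? null;
    if (!is_string($source)) {
        return false;
    }
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $allowedHost) === 0;
}

// Before: the shape of the weakness described above. Only the session cookie is
// trusted, so any page the administrator visits can submit this form for them.
function send_feedback_vulnerable(array $post, callable $mailer): int
{
    $mailer($post['email'] ?? '', $post['subject'] ?? '', $post['message'] ?? '');
    return 200;
}

// After: the same action, gated on method, token and origin. Returns the HTTP
// status the handler should emit so the decision is visible to the caller.
function send_feedback_hardened(array $server, array $post, array $session,
                                string $allowedHost, callable $mailer): int
{
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return 405; // state changes never on GET: a GET can be forged by an <img> tag
    }
    if (!verify_csrf_token($post, $session) || !verify_origin($server, $allowedHost)) {
        return 403; // forged or replayed request: do not touch mail or settings
    }
    $mailer($post['email'] ?? '', $post['subject'] ?? '', $post['message'] ?? '');
    return 200;
}

// Constructed demonstration data (not real traffic); the mailer is a stub.
$mailer  = static function (string $to, string $subject, string $body): void {};
$session = ['csrf_token' => bin2hex(random_bytes(32))];
$post    = ['email' => 'admin@example.test', 'subject' => 'test', 'message' => 'hello'];

// A cross-site submission: foreign Origin, no token. The old handler accepts it.
$crossSite = ['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://other-site.example'];
printf("vulnerable, cross-site: %d\n", send_feedback_vulnerable($post, $mailer));
printf("hardened,   cross-site: %d\n",
    send_feedback_hardened($crossSite, $post, $session, 'bmcs.example', $mailer));

// A legitimate submission from the application's own form.
$sameSite = ['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://bmcs.example'];
$signed   = $post + ['csrf_token' => $session['csrf_token']];
printf("hardened,   same-site:  %d\n",
    send_feedback_hardened($sameSite, $signed, $session, 'bmcs.example', $mailer));
```

Run from the command line the script prints 200, 403 and 200: the unprotected handler performs the action for the forged request, the hardened one refuses it, and a request carrying the form's own token from the application's origin still succeeds. Setting the session cookie with SameSite=Lax or Strict (session_set_cookie_params(['samesite' => 'Lax']) on PHP 7.3 and later) adds a third, browser-enforced layer, but the token check remains the control that does not depend on client behaviour.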
