Cyber Resilience

CVE-2020-37116

HighPublic PoC

Published: 03 February 2026

Published
03 February 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0042 33.1th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2020-37116 is a high-severity Improper Access Control (CWE-284) vulnerability in Gunet Open Eclass Platform. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 33.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SA-22 (Unsupported System Components).

Deeper analysis

CVE-2020-37116 is a vulnerability in GUnet OpenEclass 1.7.3, an e-learning platform that includes phpMyAdmin 2.10.0.2 by default. This bundled phpMyAdmin version permits remote logins, exposing the database management interface to unauthorized access. The issue stems from improper access control (CWE-284), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Attackers require low privileges (PR:L) on the OpenEclass platform to exploit this remotely over the network. They can access phpMyAdmin directly, upload a shell, and inspect the config.php file to extract the MySQL password, resulting in full database compromise with high impacts on confidentiality, integrity, and availability.

Advisories and documentation, including the VulnCheck advisory on GUnet OpenEclass phpMyAdmin remote access and the OpenEclass CHANGES.txt file, provide details on patches and mitigations. A public proof-of-concept exploit is available on Exploit-DB (exploit 48163).

Real-world exploitation is feasible given the public exploit, highlighting risks for unpatched OpenEclass 1.7.3 deployments.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database…

more

compromise.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1505.003 Web Shell Persistence
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
Why these techniques?

Vulnerability exposes phpMyAdmin to low-privileged OpenEclass users, enabling exploitation for privilege escalation (T1068), web shell upload (T1505.003), extraction of MySQL credentials from config.php (T1552.001), and full database access/manipulation (T1213.006).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2020-37113Same product: Gunet Open Eclass Platform
CVE-2026-24669Same product: Gunet Open Eclass Platform
CVE-2026-24773Same product: Gunet Open Eclass Platform
CVE-2026-24665Same product: Gunet Open Eclass Platform
CVE-2026-24672Same product: Gunet Open Eclass Platform
CVE-2020-37112Same product: Gunet Open Eclass Platform
CVE-2026-7813Shared CWE-284
CVE-2026-20628Shared CWE-284
CVE-2025-48619Shared CWE-284
CVE-2025-21405Shared CWE-284

Affected Assets

gunet
open eclass platform
1.7.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces access control policies to prevent low-privileged users from remotely accessing the vulnerable phpMyAdmin interface bundled in OpenEclass.

prevent

Mandates timely flaw remediation, including patching the remote login vulnerability in the default phpMyAdmin 2.10.0.2 as advised in OpenEclass documentation.

prevent

Prohibits use of unsupported system components like the outdated phpMyAdmin 2.10.0.2, preventing bundling of vulnerable software that enables remote access and exploitation.

References