CVE-2020-37116
Published: 03 February 2026
Summary
CVE-2020-37116 is a high-severity Improper Access Control (CWE-284) vulnerability in Gunet Open Eclass Platform. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 27.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SA-22 (Unsupported System Components).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly enforces access control policies to prevent low-privileged users from remotely accessing the vulnerable phpMyAdmin interface bundled in OpenEclass.
Mandates timely flaw remediation, including patching the remote login vulnerability in the default phpMyAdmin 2.10.0.2 as advised in OpenEclass documentation.
Prohibits use of unsupported system components like the outdated phpMyAdmin 2.10.0.2, preventing bundling of vulnerable software that enables remote access and exploitation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability exposes phpMyAdmin to low-privileged OpenEclass users, enabling exploitation for privilege escalation (T1068), web shell upload (T1505.003), extraction of MySQL credentials from config.php (T1552.001), and full database access/manipulation (T1213.006).
NVD Description
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database…
more
compromise.
Deeper analysisAI
CVE-2020-37116 is a vulnerability in GUnet OpenEclass 1.7.3, an e-learning platform that includes phpMyAdmin 2.10.0.2 by default. This bundled phpMyAdmin version permits remote logins, exposing the database management interface to unauthorized access. The issue stems from improper access control (CWE-284), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Attackers require low privileges (PR:L) on the OpenEclass platform to exploit this remotely over the network. They can access phpMyAdmin directly, upload a shell, and inspect the config.php file to extract the MySQL password, resulting in full database compromise with high impacts on confidentiality, integrity, and availability.
Advisories and documentation, including the VulnCheck advisory on GUnet OpenEclass phpMyAdmin remote access and the OpenEclass CHANGES.txt file, provide details on patches and mitigations. A public proof-of-concept exploit is available on Exploit-DB (exploit 48163).
Real-world exploitation is feasible given the public exploit, highlighting risks for unpatched OpenEclass 1.7.3 deployments.
Details
- CWE(s)