Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices allows remote authenticated users to execute arbitrary commands via shell metacharacters, as demonstrated by the IP address field in config_date_time.cgi.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Supermicro IPMI Web Interface 远程任意shell命令注入漏洞
Vulnerability Description
Supermicro Intelligent Platform Management Interface(IPMI)是美国超微(Supermicro)公司的一个IPMI卡(智能平台管理接口),它可对系统进行远程控制,如远程开机、进入BIOS等。 Supermicro IPMI实现中的Web接口中存在输入验证漏洞,该漏洞源于程序没有正确过滤输入。远程攻击者可利用该漏洞实施shell注入攻击,并执行任意命令。以下设备受到影响:H8DC*,H8DG*,H8SCM-F,H8SGL-F,H8SM*,X7SP*,X8
CVSS Information
N/A
Vulnerability Type
N/A