Описание
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 2.26 (включая)
Одно из
cpe:2.3:o:supermicro:intelligent_platform_management_firmware:*:-:-:*:-:-:x9_generation_motherboards:*
cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*
EPSS
Процентиль: 99%
0.8685
Высокий
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
EPSS
Процентиль: 99%
0.8685
Высокий
10 Critical
CVSS2
Дефекты
CWE-119