exploitDog

CVE-2025-7623

Опубликовано: 18 нояб. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system

Ссылки

https://www.supermicro.com/zh_tw/support/security_BMC_IPMI_Nov_2025

EPSS

Процентиль: 23%

0.00075

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-121

Связанные уязвимости

GHSA-95mg-3279-c5xh

CVSS3: 5.4

github

3 месяца назад

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system

EPSS

Процентиль: 23%

0.00075

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-121