Multiple Stack-Based Buffer Overflows in Supermicro IPMI Web Interface
CVE-2013-3607 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices allow remote attackers to execute arbitrary code on the Baseboard Management Controller (BMC), as demonstrated by the (1) username or (2) password field in login.cgi.
Learn more about our Web App Pen Testing.