Multiple Stack-Based Buffer Overflows in Supermicro IPMI Web Interface

Multiple Stack-Based Buffer Overflows in Supermicro IPMI Web Interface

CVE-2013-3607 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices allow remote attackers to execute arbitrary code on the Baseboard Management Controller (BMC), as demonstrated by the (1) username or (2) password field in login.cgi.

Learn more about our Web App Pen Testing.