Lucene search
K

4 matches found

CNVD
CNVD
added 2019/12/09 12:0 a.m.4 views

SuperMicro X8STi-F Operating System Command Injection Vulnerability

The SuperMicro X8STi-F is a computer motherboard from SuperMicro USA. An operating system command injection vulnerability exists in the Virtual Media feature in the SuperMicro X8STi-F with IPMI firmware version 2.06 and BIOS version 02.68. An attacker can exploit this vulnerability to obtain a...

9CVSS7.6AI score0.19039EPSS
Exploits1References1
NVD
NVD
added 2019/12/08 4:15 a.m.25 views

CVE-2019-19642

On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or...

9CVSS8.7AI score0.19039EPSS
Exploits1References1
Prion
Prion
added 2019/12/08 4:15 a.m.22 views

Command injection

On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or...

9CVSS8.8AI score0.19039EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2019/12/08 3:39 a.m.31 views

CVE-2019-19642

On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or...

8.8AI score0.19039EPSS
Exploits1References1
Rows per page
Query Builder