Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-35861

Published: 31/07/2023 Updated: 07/08/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to H12dst-b Firmware

Vulnerability Summary

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B prior to 03.10.35) allows remote malicious users to inject execute arbitrary commands as root on the BMC.

Vulnerable Product Search on Vulmon Subscribe to Product

supermicro h12dst-b_firmware

supermicro x13dai-t_firmware -

supermicro x13ddw-a_firmware -

supermicro x13deg-oa_firmware -

supermicro x13deg-oad_firmware -

supermicro x13deg-pvc_firmware -

supermicro x13deg-qt_firmware -

supermicro x13dei_firmware -

supermicro x13dei-t_firmware -

supermicro x13dem_firmware -

supermicro x13det-b_firmware -

supermicro x13dgu_firmware -

supermicro x13dsf-a_firmware -

supermicro x13qeh\\+_firmware -

supermicro x13sae_firmware -

supermicro x13sae-f_firmware -

supermicro x13san-c_firmware -

supermicro x13san-c-wohs_firmware -

supermicro x13san-e_firmware -

supermicro x13san-e-wohs_firmware -

supermicro x13san-h_firmware -

supermicro x13san-h-wohs_firmware -

supermicro x13san-l_firmware -

supermicro x13san-l-wohs_firmware -

supermicro x13saq_firmware -

supermicro x13sav-lvds_firmware -

supermicro x13sav-ps_firmware -

supermicro x13saz-f_firmware -

supermicro x13saz-q_firmware -

supermicro x13sedw-f_firmware -

supermicro x13seed-f_firmware -

supermicro x13seed-sf_firmware -

supermicro x13sefr-a_firmware -

supermicro x13sei-f_firmware -

supermicro x13sei-tf_firmware -

supermicro x13sem-f_firmware -

supermicro x13sem-tf_firmware -

supermicro x13set-g_firmware -

supermicro x13set-gc_firmware -

supermicro x13sew-f_firmware -

supermicro x13sew-tf_firmware -

supermicro x13sra-tf_firmware -

supermicro x13srn-e_firmware -

supermicro x13srn-e-wohs_firmware -

supermicro x13srn-h_firmware -

supermicro x13srn-h-wohs_firmware -

supermicro x13swa-tf_firmware -

supermicro h13dsg-o-cpu_firmware -

supermicro h13dsg-o-cpu-d_firmware -

supermicro h13dsh_firmware -

supermicro h13sae-mf_firmware -

supermicro h13srd-f_firmware -

supermicro h13ssf_firmware -

supermicro h13ssh_firmware -

supermicro h13ssl-n_firmware -

supermicro h13ssl-nt_firmware -

supermicro h13sst-g_firmware -

supermicro h13sst-gc_firmware -

supermicro h13ssw_firmware -

supermicro x12dai-n6_firmware -

supermicro x12ddw-a6_firmware -

supermicro x12dgo-6_firmware -

supermicro x12dgq-r_firmware -

supermicro x12dgu_firmware -

supermicro x12dhm-6_firmware -

supermicro x12dpd-a6m25_firmware -

supermicro x12dpfr-an6_firmware -

supermicro x12dpg-ar_firmware -

supermicro x12dpg-oa6_firmware -

supermicro x12dpg-oa6-gd2_firmware -

supermicro x12dpg-qbt6_firmware -

supermicro x12dpg-qr_firmware -

supermicro x12dpg-qt6_firmware -

supermicro x12dpg-u6_firmware -

supermicro x12dpi-n6_firmware -

supermicro x12dpi-nt6_firmware -

supermicro x12dpl-i6_firmware -

supermicro x12dpl-nt6_firmware -

supermicro x12dpt-b6_firmware -

supermicro x12dpt-pt46_firmware -

supermicro x12dpt-pt6_firmware -

supermicro x12dpu-6_firmware -

supermicro x12dsc-6_firmware -

supermicro x12qch\\+_firmware -

supermicro x12sae_firmware -

supermicro x12sae-5_firmware -

supermicro x12sca-5f_firmware -

supermicro x12sca-f_firmware -

supermicro x12scq_firmware -

supermicro x12scv-lvds_firmware -

supermicro x12scv-w_firmware -

supermicro x12scz-f_firmware -

supermicro x12scz-qf_firmware -

supermicro x12scz-tln4f_firmware -

supermicro x12sdv-10c-sp6f_firmware -

supermicro x12sdv-10c-spt4f_firmware -

supermicro x12sdv-14c-spt8f_firmware -

supermicro x12sdv-16c-spt8f_firmware -

supermicro x12sdv-20c-spt8f_firmware -

supermicro x12sdv-4c-sp6f_firmware -

supermicro x12sdv-4c-spt4f_firmware -

supermicro x12sdv-4c-spt8f_firmware -

supermicro x12sdv-8c-sp6f_firmware -

supermicro x12sdv-8c-spt4f_firmware -

supermicro x12sdv-8c-spt8f_firmware -

supermicro x12sdv-8ce-sp4f_firmware -

supermicro x12spa-tf_firmware -

supermicro x12sped-f_firmware -

supermicro x12spg-nf_firmware -

supermicro x12spi-tf_firmware -

supermicro x12spl-f_firmware -

supermicro x12spl-ln4f_firmware -

supermicro x12spm-ln4f_firmware -

supermicro x12spm-ln6tf_firmware -

supermicro x12spm-tf_firmware -

supermicro x12spo-f_firmware -

supermicro x12spo-ntf_firmware -

supermicro x12spt-g_firmware -

supermicro x12spt-gc_firmware -

supermicro x12spt-pt_firmware -

supermicro x12spw-f_firmware -

supermicro x12spw-tf_firmware -

supermicro x12spz-ln4f_firmware -

supermicro x12spz-spln6f_firmware -

supermicro x12std-f_firmware -

supermicro x12ste-f_firmware -

supermicro x12sth-f_firmware -

supermicro x12sth-ln4f_firmware -

supermicro x12sth-sys_firmware -

supermicro x12stl-f_firmware -

supermicro x12stl-if_firmware -

supermicro x12stn-c_firmware -

supermicro x12stn-c-wohs_firmware -

supermicro x12stn-e_firmware -

supermicro x12stn-e-wohs_firmware -

supermicro x12stn-h_firmware -

supermicro x12stn-h-wohs_firmware -

supermicro x12stn-l_firmware -

supermicro x12stn-l-wohs_firmware -

supermicro x12stw-f_firmware -

supermicro x12stw-tf_firmware -

supermicro h12ssw-ntr_firmware -

supermicro h12ssw-ntl_firmware -

supermicro h12ssw-nt_firmware -

supermicro h12ssw-inr_firmware -

supermicro h12ssw-inl_firmware -

supermicro h12ssw-in_firmware -

supermicro h12ssw-an6_firmware -

supermicro h12sst-ps_firmware -

supermicro h12ssl-nt_firmware -

supermicro h12ssl-i_firmware -

supermicro h12ssl-ct_firmware -

supermicro h12ssl-c_firmware -

supermicro h12ssg-anp6_firmware -

supermicro h12ssg-an6_firmware -

supermicro h12ssfr-an6_firmware -

supermicro h12ssff-an6_firmware -

supermicro h12dsu-inr_firmware -

supermicro h12dsu-in_firmware -

supermicro h12dst-b_firmware -

supermicro h12dsi-nt6_firmware -

supermicro h12dsi-n6_firmware -

supermicro h12dsg-q-cpu6_firmware -

supermicro h12dsg-o-cpu_firmware -

supermicro h12dgq-nt6_firmware -

supermicro h12dgo-6_firmware -

References

CWE-78https://blog.freax13.de/cve/cve-2023-35861https://www.supermicro.com/en/products/motherboardshttps://www.supermicro.com/en/support/security_SMTP_Jun_2023https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook