CVE-2013-3623

Supermicro Onboard IPMI CGI Vulnerability Scanner

Title source: metasploit

Description

Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · hardware
https://www.exploit-db.com/exploits/29666

metasploit SCANNER
by hdm, juan vazquez · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/smt_ipmi_cgi_scanner.rb

metasploit WORKING POC GOOD
by hdm, juan vazquez · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/smt_ipmi_close_window_bof.rb

Scores

EPSS 0.8637
EPSS Percentile 99.4%

Details

CWE CWE-119
Status published
Products (2)
supermicro/intelligent_platform_management_firmware 2.24
supermicro/intelligent_platform_management_firmware < 2.26
Published Dec 10, 2013
Tracked Since Feb 18, 2026