CVE-2019-13131

CRITICAL

Supermicro SuperDoctor 5 - Remote Code Execution via NRPE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13131. PoCs published by Simon Gurney.

AI-analyzed exploit summary This exploit leverages an unauthenticated remote command execution vulnerability in SuperMicro SuperDoctor 5's NRPE implementation by sending a crafted NRPE packet to execute arbitrary commands on the target system. The PoC constructs a valid NRPE packet with an 'executable' plugin command and handles SSL-wrapped communication.

Description

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE.

Exploits (1)

exploitdb WORKING POC

by Simon Gurney · pythonremotemultiple

https://www.exploit-db.com/exploits/47030

View Code ZIP pw:eip

This exploit leverages an unauthenticated remote command execution vulnerability in SuperMicro SuperDoctor 5's NRPE implementation by sending a crafted NRPE packet to execute arbitrary commands on the target system. The PoC constructs a valid NRPE packet with an 'executable' plugin command and handles SSL-wrapped communication.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: SuperMicro SuperDoctor 5

No auth needed

Prerequisites: Network access to port 5666 on the target · NRPE service enabled (default in SuperDoctor 5)

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/47030

Scores

CVSS v3 9.8

EPSS 0.0358

EPSS Percentile 87.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-306

Status published

Products (1)

supermicro/superdoctor_5

Published Jul 01, 2019

Tracked Since Feb 18, 2026