CVE-2019-13131
CRITICALSupermicro Superdoctor 5 - Missing Authentication
Title source: ruleDescription
Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE.
Exploits (1)
exploitdb
WORKING POC
by Simon Gurney · pythonremotemultiple
https://www.exploit-db.com/exploits/47030
Scores
CVSS v3
9.8
EPSS
0.0211
EPSS Percentile
84.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (1)
supermicro/superdoctor_5
Published
Jul 01, 2019
Tracked Since
Feb 18, 2026