Showing posts from December, 2019

SuperMicro IPMI Exploitation

Software & Hardware Versions Exploited in POC This vulnerability is now known as CVE-2019-19642 Hardware   Motherboard model number: X8STi-F Software   IPMI FW Version: 2.06 BIOS Version: 02.68 Vulnerability Description The Virtual Media feature of the web based IPMI contains an OS Command Injection issue, allowing attackers to execute arbitrary commands on the victim system’s firmware. Attackers exploiting this issue are able to install backdoors or pivot into a network and execute further attacks within the victim network. This type of issue is classified as CWE-78, improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').   Vulnerability Exploitation The vulnerability exists in /rpc/setvmdrive.asp. When sending an authenticated POST request to this URL, the POST parameters ShareHost and ShareName can injected with bash commands. To attain execution of the i