CVE-2023-35861

Exploit

EPSS 0.97%
Published 31.07.2023 13:15:09
Last modified 21.11.2024 08:08:51
Source cve@mitre.org
Teams watchlist Login
Open Login

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Supermicro ≫ H12dst-b Firmware Version < 03.10.35

Supermicro ≫ H12dst-b Version-

Supermicro ≫ X13dai-t Firmware Version-

Supermicro ≫ X13dai-t Version-

Supermicro ≫ X13ddw-a Firmware Version-

Supermicro ≫ X13ddw-a Version-

Supermicro ≫ X13deg-oa Firmware Version-

Supermicro ≫ X13deg-oa Version-

Supermicro ≫ X13deg-oad Firmware Version-

Supermicro ≫ X13deg-oad Version-

Supermicro ≫ X13deg-pvc Firmware Version-

Supermicro ≫ X13deg-pvc Version-

Supermicro ≫ X13deg-qt Firmware Version-

Supermicro ≫ X13deg-qt Version-

Supermicro ≫ X13dei Firmware Version-

Supermicro ≫ X13dei Version-

Supermicro ≫ X13dei-t Firmware Version-

Supermicro ≫ X13dei-t Version-

Supermicro ≫ X13dem Firmware Version-

Supermicro ≫ X13dem Version-

Supermicro ≫ X13det-b Firmware Version-

Supermicro ≫ X13det-b Version-

Supermicro ≫ X13dgu Firmware Version-

Supermicro ≫ X13dgu Version-

Supermicro ≫ X13dsf-a Firmware Version-

Supermicro ≫ X13dsf-a Version-

Supermicro ≫ X13qeh+ Firmware Version-

Supermicro ≫ X13qeh+ Version-

Supermicro ≫ X13sae Firmware Version-

Supermicro ≫ X13sae Version-

Supermicro ≫ X13sae-f Firmware Version-

Supermicro ≫ X13sae-f Version-

Supermicro ≫ X13san-c Firmware Version-

Supermicro ≫ X13san-c Version-

Supermicro ≫ X13san-c-wohs Firmware Version-

Supermicro ≫ X13san-c-wohs Version-

Supermicro ≫ X13san-e Firmware Version-

Supermicro ≫ X13san-e Version-

Supermicro ≫ X13san-e-wohs Firmware Version-

Supermicro ≫ X13san-e-wohs Version-

Supermicro ≫ X13san-h Firmware Version-

Supermicro ≫ X13san-h Version-

Supermicro ≫ X13san-h-wohs Firmware Version-

Supermicro ≫ X13san-h-wohs Version-

Supermicro ≫ X13san-l Firmware Version-

Supermicro ≫ X13san-l Version-

Supermicro ≫ X13san-l-wohs Firmware Version-

Supermicro ≫ X13san-l-wohs Version-

Supermicro ≫ X13saq Firmware Version-

Supermicro ≫ X13saq Version-

Supermicro ≫ X13sav-lvds Firmware Version-

Supermicro ≫ X13sav-lvds Version-

Supermicro ≫ X13sav-ps Firmware Version-

Supermicro ≫ X13sav-ps Version-

Supermicro ≫ X13saz-f Firmware Version-

Supermicro ≫ X13saz-f Version-

Supermicro ≫ X13saz-q Firmware Version-

Supermicro ≫ X13saz-q Version-

Supermicro ≫ X13sedw-f Firmware Version-

Supermicro ≫ X13sedw-f Version-

Supermicro ≫ X13seed-f Firmware Version-

Supermicro ≫ X13seed-f Version-

Supermicro ≫ X13seed-sf Firmware Version-

Supermicro ≫ X13seed-sf Version-

Supermicro ≫ X13sefr-a Firmware Version-

Supermicro ≫ X13sefr-a Version-

Supermicro ≫ X13sei-f Firmware Version-

Supermicro ≫ X13sei-f Version-

Supermicro ≫ X13sei-tf Firmware Version-

Supermicro ≫ X13sei-tf Version-

Supermicro ≫ X13sem-f Firmware Version-

Supermicro ≫ X13sem-f Version-

Supermicro ≫ X13sem-tf Firmware Version-

Supermicro ≫ X13sem-tf Version-

Supermicro ≫ X13set-g Firmware Version-

Supermicro ≫ X13set-g Version-

Supermicro ≫ X13set-gc Firmware Version-

Supermicro ≫ X13set-gc Version-

Supermicro ≫ X13sew-f Firmware Version-

Supermicro ≫ X13sew-f Version-

Supermicro ≫ X13sew-tf Firmware Version-

Supermicro ≫ X13sew-tf Version-

Supermicro ≫ X13sra-tf Firmware Version-

Supermicro ≫ X13sra-tf Version-

Supermicro ≫ X13srn-e Firmware Version-

Supermicro ≫ X13srn-e Version-

Supermicro ≫ X13srn-e-wohs Firmware Version-

Supermicro ≫ X13srn-e-wohs Version-

Supermicro ≫ X13srn-h Firmware Version-

Supermicro ≫ X13srn-h Version-

Supermicro ≫ X13srn-h-wohs Firmware Version-

Supermicro ≫ X13srn-h-wohs Version-

Supermicro ≫ X13swa-tf Firmware Version-

Supermicro ≫ X13swa-tf Version-

Supermicro ≫ H13dsg-o-cpu Firmware Version-

Supermicro ≫ H13dsg-o-cpu Version-

Supermicro ≫ H13dsg-o-cpu-d Firmware Version-

Supermicro ≫ H13dsg-o-cpu-d Version-

Supermicro ≫ H13dsh Firmware Version-

Supermicro ≫ H13dsh Version-

Supermicro ≫ H13sae-mf Firmware Version-

Supermicro ≫ H13sae-mf Version-

Supermicro ≫ H13srd-f Firmware Version-

Supermicro ≫ H13srd-f Version-

Supermicro ≫ H13ssf Firmware Version-

Supermicro ≫ H13ssf Version-

Supermicro ≫ H13ssh Firmware Version-

Supermicro ≫ H13ssh Version-

Supermicro ≫ H13ssl-n Firmware Version-

Supermicro ≫ H13ssl-n Version-

Supermicro ≫ H13ssl-nt Firmware Version-

Supermicro ≫ H13ssl-nt Version-

Supermicro ≫ H13sst-g Firmware Version-

Supermicro ≫ H13sst-g Version-

Supermicro ≫ H13sst-gc Firmware Version-

Supermicro ≫ H13sst-gc Version-

Supermicro ≫ H13ssw Firmware Version-

Supermicro ≫ H13ssw Version-

Supermicro ≫ X12dai-n6 Firmware Version-

Supermicro ≫ X12dai-n6 Version-

Supermicro ≫ X12ddw-a6 Firmware Version-

Supermicro ≫ X12ddw-a6 Version-

Supermicro ≫ X12dgo-6 Firmware Version-

Supermicro ≫ X12dgo-6 Version-

Supermicro ≫ X12dgq-r Firmware Version-

Supermicro ≫ X12dgq-r Version-

Supermicro ≫ X12dgu Firmware Version-

Supermicro ≫ X12dgu Version-

Supermicro ≫ X12dhm-6 Firmware Version-

Supermicro ≫ X12dhm-6 Version-

Supermicro ≫ X12dpd-a6m25 Firmware Version-

Supermicro ≫ X12dpd-a6m25 Version-

Supermicro ≫ X12dpfr-an6 Firmware Version-

Supermicro ≫ X12dpfr-an6 Version-

Supermicro ≫ X12dpg-ar Firmware Version-

Supermicro ≫ X12dpg-ar Version-

Supermicro ≫ X12dpg-oa6 Firmware Version-

Supermicro ≫ X12dpg-oa6 Version-

Supermicro ≫ X12dpg-oa6-gd2 Firmware Version-

Supermicro ≫ X12dpg-oa6-gd2 Version-

Supermicro ≫ X12dpg-qbt6 Firmware Version-

Supermicro ≫ X12dpg-qbt6 Version-

Supermicro ≫ X12dpg-qr Firmware Version-

Supermicro ≫ X12dpg-qr Version-

Supermicro ≫ X12dpg-qt6 Firmware Version-

Supermicro ≫ X12dpg-qt6 Version-

Supermicro ≫ X12dpg-u6 Firmware Version-

Supermicro ≫ X12dpg-u6 Version-

Supermicro ≫ X12dpi-n6 Firmware Version-

Supermicro ≫ X12dpi-n6 Version-

Supermicro ≫ X12dpi-nt6 Firmware Version-

Supermicro ≫ X12dpi-nt6 Version-

Supermicro ≫ X12dpl-i6 Firmware Version-

Supermicro ≫ X12dpl-i6 Version-

Supermicro ≫ X12dpl-nt6 Firmware Version-

Supermicro ≫ X12dpl-nt6 Version-

Supermicro ≫ X12dpt-b6 Firmware Version-

Supermicro ≫ X12dpt-b6 Version-

Supermicro ≫ X12dpt-pt46 Firmware Version-

Supermicro ≫ X12dpt-pt46 Version-

Supermicro ≫ X12dpt-pt6 Firmware Version-

Supermicro ≫ X12dpt-pt6 Version-

Supermicro ≫ X12dpu-6 Firmware Version-

Supermicro ≫ X12dpu-6 Version-

Supermicro ≫ X12dsc-6 Firmware Version-

Supermicro ≫ X12dsc-6 Version-

Supermicro ≫ X12qch+ Firmware Version-

Supermicro ≫ X12qch+ Version-

Supermicro ≫ X12sae Firmware Version-

Supermicro ≫ X12sae Version-

Supermicro ≫ X12sae-5 Firmware Version-

Supermicro ≫ X12sae-5 Version-

Supermicro ≫ X12sca-5f Firmware Version-

Supermicro ≫ X12sca-5f Version-

Supermicro ≫ X12sca-f Firmware Version-

Supermicro ≫ X12sca-f Version-

Supermicro ≫ X12scq Firmware Version-

Supermicro ≫ X12scq Version-

Supermicro ≫ X12scv-lvds Firmware Version-

Supermicro ≫ X12scv-lvds Version-

Supermicro ≫ X12scv-w Firmware Version-

Supermicro ≫ X12scv-w Version-

Supermicro ≫ X12scz-f Firmware Version-

Supermicro ≫ X12scz-f Version-

Supermicro ≫ X12scz-qf Firmware Version-

Supermicro ≫ X12scz-qf Version-

Supermicro ≫ X12scz-tln4f Firmware Version-

Supermicro ≫ X12scz-tln4f Version-

Supermicro ≫ X12sdv-10c-sp6f Firmware Version-

Supermicro ≫ X12sdv-10c-sp6f Version-

Supermicro ≫ X12sdv-10c-spt4f Firmware Version-

Supermicro ≫ X12sdv-10c-spt4f Version-

Supermicro ≫ X12sdv-14c-spt8f Firmware Version-

Supermicro ≫ X12sdv-14c-spt8f Version-

Supermicro ≫ X12sdv-16c-spt8f Firmware Version-

Supermicro ≫ X12sdv-16c-spt8f Version-

Supermicro ≫ X12sdv-20c-spt8f Firmware Version-

Supermicro ≫ X12sdv-20c-spt8f Version-

Supermicro ≫ X12sdv-4c-sp6f Firmware Version-

Supermicro ≫ X12sdv-4c-sp6f Version-

Supermicro ≫ X12sdv-4c-spt4f Firmware Version-

Supermicro ≫ X12sdv-4c-spt4f Version-

Supermicro ≫ X12sdv-4c-spt8f Firmware Version-

Supermicro ≫ X12sdv-4c-spt8f Version-

Supermicro ≫ X12sdv-8c-sp6f Firmware Version-

Supermicro ≫ X12sdv-8c-sp6f Version-

Supermicro ≫ X12sdv-8c-spt4f Firmware Version-

Supermicro ≫ X12sdv-8c-spt4f Version-

Supermicro ≫ X12sdv-8c-spt8f Firmware Version-

Supermicro ≫ X12sdv-8c-spt8f Version-

Supermicro ≫ X12sdv-8ce-sp4f Firmware Version-

Supermicro ≫ X12sdv-8ce-sp4f Version-

Supermicro ≫ X12spa-tf Firmware Version-

Supermicro ≫ X12spa-tf Version-

Supermicro ≫ X12sped-f Firmware Version-

Supermicro ≫ X12sped-f Version-

Supermicro ≫ X12spg-nf Firmware Version-

Supermicro ≫ X12spg-nf Version-

Supermicro ≫ X12spi-tf Firmware Version-

Supermicro ≫ X12spi-tf Version-

Supermicro ≫ X12spl-f Firmware Version-

Supermicro ≫ X12spl-f Version-

Supermicro ≫ X12spl-ln4f Firmware Version-

Supermicro ≫ X12spl-ln4f Version-

Supermicro ≫ X12spm-ln4f Firmware Version-

Supermicro ≫ X12spm-ln4f Version-

Supermicro ≫ X12spm-ln6tf Firmware Version-

Supermicro ≫ X12spm-ln6tf Version-

Supermicro ≫ X12spm-tf Firmware Version-

Supermicro ≫ X12spm-tf Version-

Supermicro ≫ X12spo-f Firmware Version-

Supermicro ≫ X12spo-f Version-

Supermicro ≫ X12spo-ntf Firmware Version-

Supermicro ≫ X12spo-ntf Version-

Supermicro ≫ X12spt-g Firmware Version-

Supermicro ≫ X12spt-g Version-

Supermicro ≫ X12spt-gc Firmware Version-

Supermicro ≫ X12spt-gc Version-

Supermicro ≫ X12spt-pt Firmware Version-

Supermicro ≫ X12spt-pt Version-

Supermicro ≫ X12spw-f Firmware Version-

Supermicro ≫ X12spw-f Version-

Supermicro ≫ X12spw-tf Firmware Version-

Supermicro ≫ X12spw-tf Version-

Supermicro ≫ X12spz-ln4f Firmware Version-

Supermicro ≫ X12spz-ln4f Version-

Supermicro ≫ X12spz-spln6f Firmware Version-

Supermicro ≫ X12spz-spln6f Version-

Supermicro ≫ X12std-f Firmware Version-

Supermicro ≫ X12std-f Version-

Supermicro ≫ X12ste-f Firmware Version-

Supermicro ≫ X12ste-f Version-

Supermicro ≫ X12sth-f Firmware Version-

Supermicro ≫ X12sth-f Version-

Supermicro ≫ X12sth-ln4f Firmware Version-

Supermicro ≫ X12sth-ln4f Version-

Supermicro ≫ X12sth-sys Firmware Version-

Supermicro ≫ X12sth-sys Version-

Supermicro ≫ X12stl-f Firmware Version-

Supermicro ≫ X12stl-f Version-

Supermicro ≫ X12stl-if Firmware Version-

Supermicro ≫ X12stl-if Version-

Supermicro ≫ X12stn-c Firmware Version-

Supermicro ≫ X12stn-c Version-

Supermicro ≫ X12stn-c-wohs Firmware Version-

Supermicro ≫ X12stn-c-wohs Version-

Supermicro ≫ X12stn-e Firmware Version-

Supermicro ≫ X12stn-e Version-

Supermicro ≫ X12stn-e-wohs Firmware Version-

Supermicro ≫ X12stn-e-wohs Version-

Supermicro ≫ X12stn-h Firmware Version-

Supermicro ≫ X12stn-h Version-

Supermicro ≫ X12stn-h-wohs Firmware Version-

Supermicro ≫ X12stn-h-wohs Version-

Supermicro ≫ X12stn-l Firmware Version-

Supermicro ≫ X12stn-l Version-

Supermicro ≫ X12stn-l-wohs Firmware Version-

Supermicro ≫ X12stn-l-wohs Version-

Supermicro ≫ X12stw-f Firmware Version-

Supermicro ≫ X12stw-f Version-

Supermicro ≫ X12stw-tf Firmware Version-

Supermicro ≫ X12stw-tf Version-

Supermicro ≫ H12ssw-ntr Firmware Version-

Supermicro ≫ H12ssw-ntr Version-

Supermicro ≫ H12ssw-ntl Firmware Version-

Supermicro ≫ H12ssw-ntl Version-

Supermicro ≫ H12ssw-nt Firmware Version-

Supermicro ≫ H12ssw-nt Version-

Supermicro ≫ H12ssw-inr Firmware Version-

Supermicro ≫ H12ssw-inr Version-

Supermicro ≫ H12ssw-inl Firmware Version-

Supermicro ≫ H12ssw-inl Version-

Supermicro ≫ H12ssw-in Firmware Version-

Supermicro ≫ H12ssw-in Version-

Supermicro ≫ H12ssw-an6 Firmware Version-

Supermicro ≫ H12ssw-an6 Version-

Supermicro ≫ H12sst-ps Firmware Version-

Supermicro ≫ H12sst-ps Version-

Supermicro ≫ H12ssl-nt Firmware Version-

Supermicro ≫ H12ssl-nt Version-

Supermicro ≫ H12ssl-i Firmware Version-

Supermicro ≫ H12ssl-i Version-

Supermicro ≫ H12ssl-ct Firmware Version-

Supermicro ≫ H12ssl-ct Version-

Supermicro ≫ H12ssl-c Firmware Version-

Supermicro ≫ H12ssl-c Version-

Supermicro ≫ H12ssg-anp6 Firmware Version-

Supermicro ≫ H12ssg-anp6 Version-

Supermicro ≫ H12ssg-an6 Firmware Version-

Supermicro ≫ H12ssg-an6 Version-

Supermicro ≫ H12ssfr-an6 Firmware Version-

Supermicro ≫ H12ssfr-an6 Version-

Supermicro ≫ H12ssff-an6 Firmware Version-

Supermicro ≫ H12ssff-an6 Version-

Supermicro ≫ H12dsu-inr Firmware Version-

Supermicro ≫ H12dsu-inr Version-

Supermicro ≫ H12dsu-in Firmware Version-

Supermicro ≫ H12dsu-in Version-

Supermicro ≫ H12dst-b Firmware Version-

Supermicro ≫ H12dst-b Version-

Supermicro ≫ H12dsi-nt6 Firmware Version-

Supermicro ≫ H12dsi-nt6 Version-

Supermicro ≫ H12dsi-n6 Firmware Version-

Supermicro ≫ H12dsi-n6 Version-

Supermicro ≫ H12dsg-q-cpu6 Firmware Version-

Supermicro ≫ H12dsg-q-cpu6 Version-

Supermicro ≫ H12dsg-o-cpu Firmware Version-

Supermicro ≫ H12dsg-o-cpu Version-

Supermicro ≫ H12dgq-nt6 Firmware Version-

Supermicro ≫ H12dgq-nt6 Version-

Supermicro ≫ H12dgo-6 Firmware Version-

Supermicro ≫ H12dgo-6 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.97%	0.753

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://blog.freax13.de/cve/cve-2023-35861

Third Party Advisory

Exploit

https://www.supermicro.com/en/products/motherboards

Product

https://www.supermicro.com/en/support/security_SMTP_Jun_2023

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-35861

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-35861

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-35861

EUVD