CVE-2019-19642

Name of the Vulnerable Software and Affected Versions SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68

Description The issue allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This is achieved by sending a POST request to the "/rpc/setvmdrive.asp" API endpoint with shell metacharacters in the ShareHost or ShareName variables. The attacker can achieve a persistent backdoor.

Recommendations For SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, consider disabling the Virtual Media feature until a patch is available to prevent OS Command Injection attacks. Restrict access to the "/rpc/setvmdrive.asp" API endpoint to minimize the risk of exploitation. Avoid using the ShareHost and ShareName variables in the affected API endpoint until the issue is resolved.