CVE-2023-35861 Information

Description

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC.

Reference

https://blog.freax13.de/cve/cve-2023-35861 https://www.supermicro.com/en/products/motherboards https://www.supermicro.com/en/support/security_SMTP_Jun_2023