Supermicro Onboard IPMI Controllers Vulnerability Scanner
You can find if your Supermicro Onboard IPMI Controllers are vulnerable using this tool.
Short Info
Level
Critical
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
15 sec
Scan only one
Domain, Ipv4
Parent Category
Supermicro Onboard IPMI Controllers Vulnerability Scanner Detail
Attempts to download an unprotected configuration file containing plain-text user credentials in vulnerable Supermicro Onboard IPMI controllers.
The script connects to port 49152 and issues a request for "/PSBlock" to download the file. This configuration file contains users with their passwords in plain text.
References:
Try it yourself,
control security posture
control security posture