Security For Everyone

Supermicro Onboard IPMI Controllers Vulnerability Scanner

You can find if your Supermicro Onboard IPMI Controllers are vulnerable using this tool.

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

15 seconds

Time Interval

2 months 27 days

Scan only one

Domain, IPv4, Subdomain

Toolbox

-

Attempts to download an unprotected configuration file containing plain-text user credentials in vulnerable Supermicro Onboard IPMI controllers.

The script connects to port 49152 and issues a request for "/PSBlock" to download the file. This configuration file contains users with their passwords in plain text.

References:

https://community.rapid7.com/community/metasploit/blog/2013/07/02/a-penetration-testers-guide-to-ipmi

Get started to protecting your Free Full Security Scan

Start trial See the plans