Vulnerabilities > Supermicro > X10Drh IT Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-24 CVE-2020-15046 Cross-Site Request Forgery (CSRF) vulnerability in Supermicro X10Drh-It Bios and X10Drh-It Firmware
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users.
network
low complexity
supermicro CWE-352
8.8