HIGH
Supermicro
CVE published 2026-06-04
CVE-2026-3820
A command injection vulnerability exists in the Supermicro Baseboard Management Controller (BMC) SMTP service on the AS-2115HS-TNR platform. An attacker with administrator privileges can inject specially crafted characters into the SMTP service configuration, causing unintended command execution during process invocation. The vulnerability is classified as CWE-78 (OS Command Injection) with a CVSS 3.1 sco [truncated]