What is GHSA-wp43-6fh8-q2qr?

GHSA-wp43-6fh8-q2qr is a security advisory published by GitHub Security Advisories with High severity. There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An...

Which CVE IDs does GHSA-wp43-6fh8-q2qr cover?

GHSA-wp43-6fh8-q2qr covers the following CVE IDs: CVE-2026-3820. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-wp43-6fh8-q2qr?

GHSA-wp43-6fh8-q2qr has a CVSS v3 base score of 7.2, published by GitHub Security Advisories.

GHSA-wp43-6fh8-q2qrHighCVSS 7.2

There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An...

Vendor

GitHub Security Advisories

Published

June 4, 2026

Last Modified

June 4, 2026

🔗 CVE IDs covered (1)

CVE-2026-3820 →

📋 Description

There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP service configuration. This may cause the underlying system to execute unintended commands during process invocation.

Potential impact includes denial-of-service attacks, arbitrary code execution, or permanent compromise of the controller.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-3820
https://www.supermicro.com/en/support/security_BMC_IPMI_Jun_2026
https://github.com/advisories/GHSA-wp43-6fh8-q2qr