Software & Hardware Versions Exploited in POC Hardware: Motherboard model number: X8STi-F Software: IPMI FW Version: 2.06, BIOS Version: 02.68 Vulnerability Description The Virtual Media feature of the web based IPMI contains an OS Command Injection issue, allowing attackers to execute arbitrary commands on the victim system’s firmware. Attackers exploiting this issue are able to install backdoors or pivot into a network and execute further attacks within the victim network.