Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus asus firmware vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-46109
Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.
Asus Rt-ac52u B1 Firmware 3.0.0.4.380.10931
4.6
CVSSv2
CVE-2021-42055
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker.
Asus Ux582lr Firmware
5
CVSSv2
CVE-2021-3128
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router...
Asus Zenwifi Ax \\(xt8\\) Firmware
Asus Rt-ax3000 Firmware
Asus Rt-ax55 Firmware
Asus Rt-ax56u Firmware
Asus Rt-ax58u Firmware
Asus Rt-ax68u Firmware
Asus Rt-ax82u Firmware
Asus Rt-ax86u Firmware
Asus Rt-ax88u Firmware
Asus Rt-ac66u B1 Firmware
Asus Rt-ac1750 B1 Firmware
Asus Rt-ac1900 Firmware
Asus Rt-ac1900p Firmware
Asus Rt-ac1900u Firmware
Asus Rt-ac2900 Firmware
Asus Rt-ac3100 Firmware
Asus Rt-ac5300 Firmware
Asus Rt-ac58u Firmware
Asus Rt-ac65u Firmware
Asus Rt-ac68p Firmware
Asus Rt-ac68r Firmware
Asus Rt-ac68rw Firmware
4
CVSSv2
CVE-2021-28178
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28197
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally te...
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro/se Firmware 1.14.1
Asus Ws X299 Pro/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
4
CVSSv2
CVE-2021-28199
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the lea...
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro/se Firmware 1.14.1
Asus Ws X299 Pro/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
4
CVSSv2
CVE-2021-28202
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate...
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28208
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28209
The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28207
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »