Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus asus firmware vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-28203
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
6.5
CVSSv2
CVE-2021-28204
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
6.8
CVSSv2
CVE-2021-28205
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
6.8
CVSSv2
CVE-2021-28206
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28207
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28208
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
4
CVSSv2
CVE-2021-28194
The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage t...
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro/se Firmware 1.14.1
Asus Ws X299 Pro/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
6.8
CVSSv2
CVE-2021-28209
The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro\\/se Firmware 1.14.1
Asus Ws X299 Pro\\/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12\\/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
7.8
CVSSv2
CVE-2021-3229
Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and previous versions versions allows an malicious user to disrupt the use of device setup services via continuous login error.
Asus Rt-ax3000 Firmware
7.5
CVSSv2
CVE-2020-36109
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data.
Asus Rt-ax86u Firmware
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »