Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/04/2021 Updated: 13/04/2021

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
asus z10pr-d16_firmware 1.14.51
asus asmb8-ikvm_firmware 1.14.51
asus z10pe-d16_ws_firmware 1.14.2

CWE-120 https://www.twcert.org.tw/tw/cp-132-4544-0a409-1.html https://www.asus.com/content/ASUS-Product-Security-Advisory/https://www.asus.com/tw/support/callus/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-28176

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect