The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asus z10pr-d16 firmware 1.14.51 |
||
asus asmb8-ikvm firmware 1.14.51 |
||
asus z10pe-d16 ws firmware 1.14.2 |