Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
4.9
CVSSv3

CVE-2021-28190

Published: 06/04/2021 Updated: 13/04/2021
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Vulnerability Summary

The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

asus asmb9-ikvm firmware 1.11.12

asus rs720a-e9-rs24-e firmware 1.10.3

asus rs700a-e9-rs4 firmware 1.10.0

asus rs700-e9-rs4 firmware 1.09

asus esc4000 g4x firmware 1.11.6

asus rs700-e9-rs12 firmware 1.11.5

asus rs100-e10-pi2 firmware 1.13.6

asus rs300-e10-ps4 firmware 1.13.6

asus rs300-e10-rs4 firmware 1.13.6

asus rs500a-e9-ps4 firmware 1.14.1

asus rs500a-e9-rs4 firmware 1.14.1

asus rs500a-e9 rs4 u firmware 1.14.1

asus e700 g4 firmware 1.14.1

asus ws c422 pro/se firmware 1.14.1

asus ws x299 pro/se firmware 1.14.1

asus z11pa-u12 firmware 1.15.1

asus z11pa-u12/10g-2s firmware 1.15.1

asus knpa-u16 firmware 1.13.4

asus esc4000 dhd g4 firmware 1.13.7

asus esc4000 g4 firmware 1.15.2

asus rs720q-e9-rs24-s firmware 1.15.0

asus rs720q-e9-rs8 firmware 1.15.0

asus rs720q-e9-rs8-s firmware 1.15.0

asus z11pa-d8 firmware 1.14.1

asus z11pa-d8c firmware 1.14.1

asus rs720-e9-rs24-u firmware 1.14.3

asus rs720-e9-rs8-g firmware 1.15.2

asus rs500-e9-ps4 firmware 1.15.4

asus pro e800 g4 firmware 1.14.2

asus rs500-e9-rs4 firmware 1.15.4

asus rs500-e9-rs4-u firmware 1.15.4

asus rs520-e9-rs12-e firmware 1.15.3

asus rs520-e9-rs8 firmware 1.15.3

asus esc8000 g4 firmware 1.15.4

asus esc8000 g4/10g firmware 1.15.4

asus rs720-e9-rs12-e firmware 1.15.2

asus ws c621e sage firmware 1.15.1

asus rs500a-e10-ps4 firmware 1.15.2

asus rs500a-e10-rs4 firmware 1.15.2

asus rs700a-e9-rs12v2 firmware 1.15.1

asus rs700a-e9-rs4v2 firmware 1.15.1

asus rs720a-e9-rs12v2 firmware 1.15.2

asus rs720a-e9-rs24v2 firmware 1.15.1

asus z11pr-d16 firmware 1.15.3

References

CWE-120https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.htmlhttps://www.asus.com/content/ASUS-Product-Security-Advisory/https://www.asus.com/tw/support/callus/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4541CVE-2024-3080CVE-2024-4787log injectionCVE-2024-5967injectCVE-2024-30078CVE-2024-5899
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook