CVE-2021-28206

Published: 06/04/2021 Updated: 14/04/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N

Vulnerability Summary

The Record video file function in the Web management page of ASUS BMC's firmware does not filter a specific parameter. After obtaining administrator permission, remote attackers can use path traversal to access system files.

Vulnerable Product

asus asmb9-ikvm_firmware 1.11.12

asus rs720a-e9-rs24-e_firmware 1.10.3

asus rs700a-e9-rs4_firmware 1.10.0

asus rs700-e9-rs4_firmware 1.09

asus esc4000_g4x_firmware 1.11.6

asus rs700-e9-rs12_firmware 1.11.5

asus rs100-e10-pi2_firmware 1.13.6

asus rs300-e10-ps4_firmware 1.13.6

asus rs300-e10-rs4_firmware 1.13.6

asus rs500a-e9-ps4_firmware 1.14.1

asus rs500a-e9-rs4_firmware 1.14.1

asus rs500a-e9_rs4_u_firmware 1.14.1

asus e700_g4_firmware 1.14.1

asus ws_c422_pro/se_firmware 1.14.1

asus ws_x299_pro/se_firmware 1.14.1

asus z11pa-u12_firmware 1.15.1

asus z11pa-u12/10g-2s_firmware 1.15.1

asus knpa-u16_firmware 1.13.4

asus esc4000_dhd_g4_firmware 1.13.7

asus esc4000_g4_firmware 1.15.2

asus rs720q-e9-rs24-s_firmware 1.15.0

asus rs720q-e9-rs8_firmware 1.15.0

asus rs720q-e9-rs8-s_firmware 1.15.0

asus z11pa-d8_firmware 1.14.1

asus z11pa-d8c_firmware 1.14.1

asus rs720-e9-rs24-u_firmware 1.14.3

asus rs720-e9-rs8-g_firmware 1.15.2

asus rs500-e9-ps4_firmware 1.15.4

asus pro_e800_g4_firmware 1.14.2

asus rs500-e9-rs4_firmware 1.15.4

asus rs500-e9-rs4-u_firmware 1.15.4

asus rs520-e9-rs12-e_firmware 1.15.3

asus rs520-e9-rs8_firmware 1.15.3

asus esc8000_g4_firmware 1.15.4

asus esc8000_g4/10g_firmware 1.15.4

asus rs720-e9-rs12-e_firmware 1.15.2

asus ws_c621e_sage_firmware 1.15.1

asus rs500a-e10-ps4_firmware 1.15.2

asus rs500a-e10-rs4_firmware 1.15.2

asus rs700a-e9-rs12v2_firmware 1.15.1

asus rs700a-e9-rs4v2_firmware 1.15.1

asus rs720a-e9-rs12v2_firmware 1.15.2

asus rs720a-e9-rs24v2_firmware 1.15.1

asus z11pr-d16_firmware 1.15.3