VYPR

BMC

by Asus

CVEs (31)

  • CVE-2021-28187MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.01

    The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28186MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28185MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28184MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally…

  • CVE-2021-28183MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28182MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate…

  • CVE-2021-28181MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28180MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28179MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…

  • CVE-2021-28176MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web…

  • CVE-2021-28175MedApr 6, 2021
    risk 0.32cvss 4.9epss 0.02

    The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the…

Page 2 of 2