Asus

Z11pa-u12 Firmware

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2021-28209

  • EPSS 0.5%
  • Published 06.04.2021 05:15:17
  • Last modified 21.11.2024 05:59:22

The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system fil...

6.8

CVE-2021-28208

  • EPSS 0.5%
  • Published 06.04.2021 05:15:17
  • Last modified 21.11.2024 05:59:21

The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.

6.8

CVE-2021-28207

  • EPSS 0.5%
  • Published 06.04.2021 05:15:17
  • Last modified 21.11.2024 05:59:21

The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.

6.8

CVE-2021-28206

  • EPSS 0.5%
  • Published 06.04.2021 05:15:17
  • Last modified 21.11.2024 05:59:21

The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system fil...

4.9

CVE-2021-28198

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:20

The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the...

4.9

CVE-2021-28202

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:20

The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage...

4.9

CVE-2021-28201

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:20

The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage...

4.9

CVE-2021-28200

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:20

The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...

4.9

CVE-2021-28199

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:20

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote att...

4.9

CVE-2021-28197

  • EPSS 0.9%
  • Published 06.04.2021 05:15:16
  • Last modified 21.11.2024 05:59:19

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the ...