ASUS BMC firmware Web management page allows remote command injection via Modify user’s information function
Reporter | Title | Published | Views | Family All 4 |
---|---|---|---|---|
![]() | Command injection | 6 Apr 202105:15 | – | prion |
![]() | ASUS BMC Firmware OS Command Injection Vulnerability (CNVD-2021-36013) | 8 Apr 202100:00 | – | cnvd |
![]() | CVE-2021-28204 ASUS BMC's firmware: command injection - Modify user’s information function | 6 Apr 202105:02 | – | cvelist |
![]() | CVE-2021-28204 | 6 Apr 202105:15 | – | nvd |
[
{
"product": "BMC firmware for Z10PR-D16",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "1.14.51"
}
]
},
{
"product": "BMC firmware for ASMB8-iKVM",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "1.14.51"
}
]
},
{
"product": "BMC firmware for Z10PE-D16 WS",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "1.14.2"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo