Lucene search

CVE-2021-28205

🗓️ 06 Apr 2021 05:17:15Reported by twcertType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 45 Views

ASUS BMC firmware vulnerability: remote attackers can access system file

Reporter	Title	Published	Views	Family All 4
CNVD	ASUS BMC Firmware Path Traversal Vulnerability (CNVD-2021-36267)	8 Apr 202100:00	–	cnvd
Cvelist	CVE-2021-28205 ASUS BMC's firmware: path traversal - Delete SOL video file function	6 Apr 202105:02	–	cvelist
Prion	Path traversal	6 Apr 202105:15	–	prion
NVD	CVE-2021-28205	6 Apr 202105:15	–	nvd

Nvd

Node

asus z10pr-d16_firmwareMatch1.14.51

AND

asus z10pr-d16Match-

Node

asus asmb8-ikvm_firmwareMatch1.14.51

AND

asus asmb8-ikvmMatch-

Node

asus z10pe-d16_ws_firmwareMatch1.14.2

AND

asus z10pe-d16_wsMatch-

[
  {
    "product": "BMC firmware for Z10PR-D16",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.51"
      }
    ]
  },
  {
    "product": "BMC firmware for ASMB8-iKVM",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.51"
      }
    ]
  },
  {
    "product": "BMC firmware for Z10PE-D16 WS",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.2"
      }
    ]
  }
]

Source	Link
asus	www.asus.com/tw/support/callus/
asus	www.asus.com/content/ASUS-Product-Security-Advisory/
twcert	www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Apr 2021 05:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS26.8

CVSS34.9

EPSS0.00193

CWE-22