3 matches found
CVE-2021-28202
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...
CVE-2021-28202 ASUS BMC's firmware: buffer overflow - Service configuration-2 function
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...
CVE-2021-28202
The CVE-2021-28202 case concerns ASUS BMC firmware’s Web management page, where the Service configuration-2 function does not validate user-entered string length, causing a buffer overflow. The underlying flaw is improper input length handling in the Web interface, leading to a vulnerability that...