Vulnerabilities > Asus > Esc8000 G4 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-06 | CVE-2021-28209 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28208 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28207 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28206 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28202 | Classic Buffer Overflow vulnerability in Asus products The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28201 | Classic Buffer Overflow vulnerability in Asus products The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28200 | Classic Buffer Overflow vulnerability in Asus products The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28199 | Classic Buffer Overflow vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28198 | Classic Buffer Overflow vulnerability in Asus products The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28197 | Classic Buffer Overflow vulnerability in Asus products The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |