Vulnerabilities > Asus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-32030 | Improper Authentication vulnerability in Asus Gt-Ac2900 Firmware 3.0.0.4.386.41793 The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. | 7.5 |
| 2021-04-08 | CVE-2021-28686 | Out-of-bounds Write vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. | 2.1 |
| 2021-04-08 | CVE-2021-28685 | Unspecified vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. | 7.2 |
| 2021-04-06 | CVE-2021-28209 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28208 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28207 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28206 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28205 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28204 | OS Command Injection vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. | 6.5 |
| 2021-04-06 | CVE-2021-28203 | OS Command Injection vulnerability in Asus products The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. | 6.5 |