Vulnerabilities > Asus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-06 | CVE-2021-28209 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28208 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28207 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28206 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28205 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. | 6.8 |
| 2021-04-06 | CVE-2021-28204 | OS Command Injection vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. | 6.5 |
| 2021-04-06 | CVE-2021-28203 | OS Command Injection vulnerability in Asus products The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. | 6.5 |
| 2021-04-06 | CVE-2021-28202 | Classic Buffer Overflow vulnerability in Asus products The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28201 | Classic Buffer Overflow vulnerability in Asus products The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |
| 2021-04-06 | CVE-2021-28200 | Classic Buffer Overflow vulnerability in Asus products The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. | 4.0 |