Vulnerabilities > Asus > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-06 CVE-2021-28182 Classic Buffer Overflow vulnerability in Asus products
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28181 Classic Buffer Overflow vulnerability in Asus products
The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28180 Classic Buffer Overflow vulnerability in Asus products
The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28179 Classic Buffer Overflow vulnerability in Asus products
The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28178 Classic Buffer Overflow vulnerability in Asus products
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28177 Classic Buffer Overflow vulnerability in Asus products
The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28176 Classic Buffer Overflow vulnerability in Asus products
The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-04-06 CVE-2021-28175 Classic Buffer Overflow vulnerability in Asus products
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.
network
low complexity
asus CWE-120
4.9
2021-02-19 CVE-2021-27404 Open Redirect vulnerability in Asus Askey Rtf8115Vw Firmware Brsvg11.11Rtftef001V6.54V014
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.
network
low complexity
asus CWE-601
6.1
2021-02-19 CVE-2021-27403 Cross-site Scripting vulnerability in Asus Askey Rtf8115Vw Firmware Brsvg11.11Rtftef001V6.54V014
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.
network
low complexity
asus CWE-79
6.1