Vulnerabilities > Asus > Z10Pe D16 WS Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-04-06 CVE-2021-28204 OS Command Injection vulnerability in Asus products
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter.
network
low complexity
asus CWE-78
7.2
2021-04-06 CVE-2021-28203 OS Command Injection vulnerability in Asus products
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter.
network
low complexity
asus CWE-78
7.2