Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-14712

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 May, 2019 | 12:21
Updated At-05 Aug, 2024 | 09:38
Rejected At-
Credits

Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 May, 2019 | 12:21
Updated At:05 Aug, 2024 | 09:38
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
x_refsource_MISC
Hyperlink: https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
x_refsource_MISC
x_transferred
Hyperlink: https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 May, 2019 | 13:29
Updated At:14 May, 2019 | 20:59

Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.06.5MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ac3200_firmware>>3.0.0.4.382.50010
cpe:2.3:o:asus:rt-ac3200_firmware:3.0.0.4.382.50010:*:*:*:*:*:*:*
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ac3200>>-
cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

106Records found
CVE-2021-28179
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Media support configuration setting

The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28191
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Firmware update function

The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28189
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - SMTP configuration function

The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28193
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - SMTP configuration function

The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28178
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - UEFI configuration function

The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28199
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Modify user’s information function

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28202
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Service configuration-2 function

The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28201
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 01:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Service configuration-1 function

The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28197
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Active Directory configuration function

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28187
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.50%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate new SSL certificate

The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28190
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.50%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate new certificate function

The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28181
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Remote video configuration setting

The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28195
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Radius configuration function

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28182
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Web Service configuration function

The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28200
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - CD media configuration function

The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28180
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Audit log configuration setting

The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28192
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Remote video storage function

The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28176
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:01
Updated-17 Sep, 2024 | 01:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - DNS configuration function

The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28177
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - LDAP configuration function

The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28186
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - ActiveX configuration-2 acquisition

The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28194
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Remote image configuration setting

The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28175
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:01
Updated-16 Sep, 2024 | 23:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Radius configuration function

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28185
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - ActiveX configuration-1 acquisition

The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28184
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Active Directory configuration function

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28188
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Modify user’s information function

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28198
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Firmware protocol configuration

The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28183
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 75.18%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Web License configuration setting

The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28196
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.50%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate SSL certificate function

The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-15655
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.6||CRITICAL
EPSS-1.44% / 80.39%
||
7 Day CHG~0.00%
Published-31 Jan, 2018 | 20:00
Updated-05 Aug, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-asuswrtn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1491
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-88.72% / 99.50%
||
7 Day CHG~0.00%
Published-25 Mar, 2008 | 19:00
Updated-07 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-remote_consolen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-6949
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-7.96% / 91.87%
||
7 Day CHG~0.00%
Published-15 Sep, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-tm-1900n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-6343
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-35.02% / 96.92%
||
7 Day CHG~0.00%
Published-22 Jan, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-tm-ac1900rt-n56u_firmwarert-ac66u_firmwaretm-ac1900_firmwarert-ac66urt-n56un/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4659
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.53% / 93.46%
||
7 Day CHG~0.00%
Published-14 Mar, 2017 | 09:02
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.

Action-Not Available
Vendor-n/aTRENDnet, Inc.ASUS (ASUSTeK Computer Inc.)
Product-rt-ac66u_firmwaretew-812dru_firmwaretew-812drurt-ac66un/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-4924
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-84.28% / 99.29%
||
7 Day CHG~0.00%
Published-15 Sep, 2012 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-net4switchipswcom_activex_componentn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5712
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-2.45% / 84.89%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)Siemens AGIntel Corporation
Product-rog_strix_z270g_gaming_firmwareh110-plus_firmwareh170m-plus\/brsimatic_ipc627dprime_h110m-ptuf_z270_mark_2rog_strix_z270h_gaming\/k1prime_j3355i-cb150i_pro_gaming\/aurasimatic_ipc827ch110m-a\/dp_firmwaresimatic_ipc477d_firmwareq170t_firmwareb250m-f_plush110m-ksh110m-a_d3ex-b150m-v5rog_strix_b250i_gaming_firmwareh170_pro_gamingsimotion_p320-4strooper_b150_d3_firmwareh110s2b150m-dtuf_z370-plus_gaming_firmwareh110m-ts_firmwaresimatic_ipc647d_firmwareb150-asimatic_ipc477db150m-plus_d3_firmwarerog_maximus_viii_hero_firmwarerog_strix_z270f_gamingrog_maximus_viii_ranger_firmwareb150m-v_plus_firmwareprime_q270m-ch110-plush110s2_firmwareh110m-e_firmwareprime_h110m2\/fpt_firmwaresabertooth_z170_mark_1h110m-c\/hdmi_firmwaresinumerik_pcu50.5-p_firmwaretuf_z370-pro_gaming_firmwarerog_maximus_viii_hero_alpha_firmwarerog_maximus_ix_hero_firmwarez170-krog_strix_b250g_gaming_firmwarerog_strix_z370-f_gamingb150m-ah110m-aex-b250m-v5z170-prosimatic_ipc477eb150m-k_d3prime_h110m2_firmwarerog_maximus_viii_formulaprime_b250m-dsimatic_field_pg_m3_firmwarerog_maximus_ix_extremesimatic_ipc677cb150m-k_firmwareq170s1_firmwareex-b150m-v3_firmwareprime_b250m-jb150m-a_d3_firmwarez170m-e_d3z170-k_firmwarepio-b150m_firmwarerog_strix_h270i_gaming_firmwareh170m-plush110m-ks_r1_firmwareex-b250-v7b150m-plusz170-ar_firmwareh110m-plusb150m-v_plush110m-kex-b150-v7_firmwareh110m-a_d3_firmwarerog_strix_b250h_gaming_firmwareh110m-c\/br_firmwarez170m-plus\/brprime_h270-plus_firmwareprime_h110m2\/fptprime_z270m-plus\/br_firmwareh110t-a_firmwareh110i-plus_firmwaresimatic_ipc627d_firmwaresimatic_field_pg_m3prime_z270-kh170i-pro_firmwaresimatic_field_pg_m4simatic_ipc627ch170i-prob150m-plus_d3z170-premium_firmwaresabertooth_z170_mark_1_firmwareb150m-f_plush170m-e_d3z170-eb150-pro_firmwarepio-b150mrog_maximus_ix_codeprime_b250-plus_firmwareh110m-c_firmwarerog_maximus_x_hero_firmwaresimatic_itp1000simatic_ipc427d_firmwareh110m-e\/m.2_firmwareprime_h110m2rog_maximus_x_formularog_maximus_x_formula_firmwareh110m-d\/exper\/sib150_pro_gaming\/aura_firmwaremanageability_engine_firmwarerog_maximus_ix_herorog_strix_z270i_gamingh170-plus_d3_firmwareex-b150m-v_firmwareq170m-cm-brog_strix_z370-g_gamingprime_z270-arb150-pro_d3rog_strix_z270h_gamingh110m-cs\/br_firmwarerog_strix_z370-i_gamingrog_strix_z370-h_gaming_firmwareh110m-d_firmwaresabertooth_z170_sb150_pro_gamingh110m-a\/m.2q270m-cm-asimatic_ipc847c_firmwareh110m-rh170-pro\/usb_3.1_firmwareq170m2_firmwareb150m-kprime_z270m-plus_firmwareh110m-a_firmwareex-h110m-v3_firmwareh110m-k_x_firmwarez170m-e_d3_firmwareh170_pro_gaming_firmwareb150m-k_d3_firmwarerog_strix_z270f_gaming_firmwarerog_strix_b250f_gamingh110m-cs\/brq170s1ex-b250-v7_firmwaresabertooth_z170_s_firmwarerog_strix_b250h_gamingh110m-d\/exper\/si_firmwareex-b150m-v5_firmwareprime_b250m-d_firmwareh110m-p\/dvib150i_pro_gaming\/aura_firmwaresimatic_ipc647db150m-f_plus_firmwareh110m-ks_r1h110m-c\/ps_firmwareb150-proprime_h270-proex-h110m-v_firmwareex-b250m-v3rog_strix_z270g_gamingrog_maximus_ix_formula_firmwarerog_maximus_viii_gene_firmwareprime_z270-p_firmwareex-h110m-v3h110m-c2\/tf_firmwarez170-p_firmwareq270-sactive_management_technology_firmwaresimatic_ipc427e_firmwarez170m-plustrooper_h110_d3z170-deluxe_firmwaresimatic_ipc547d_firmwaresimatic_ipc847cprime_q270m-c_firmwaresimatic_ipc547dh170m-plus_firmwareb250_mining_expert_firmwarerog_strix_h270i_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z370-pz170-e_firmwarerog_maximus_viii_extreme_firmwareb250_mining_expertb150m-a_d3simatic_ipc677dh110m-c2prime_b250m-a_firmwaresimatic_ipc627c_firmwareprime_b250m-plus\/br_firmwarez170-ah110m-k_firmwaretuf_z270_mark_1_firmwareb150_pro_gaming_d3q170m-c_firmwarez170_pro_gaming\/auraex-b250m-vh110m-a\/m.2_firmwareb150m-d_firmwarerog_strix_b250f_gaming_firmwareprime_z370-a_firmwaresinumerik_pcu50.5-crog_maximus_x_code_firmwarerog_maximus_viii_impactsimatic_ipc827d_firmwareprime_b250m-plus_firmwarez170-deluxeb150m-cprime_b250m-plush110m-cs_xb150-pro_d3_firmwareprime_b250-proz170-a_firmwareb150_pro_gaming_d3_firmwareb150-plusprime_z270-a_firmwareprime_z270-k_firmwareh110m-c\/hdmisimatic_itp1000_firmwareprime_b250-a_firmwareprime_b250-arog_maximus_viii_geneh110t-aex-b250m-v5_firmwaresimatic_ipc647c_firmwareb150-a_firmwaresimatic_ipc427drog_maximus_viii_impact_firmwareq170th110m-r_firmwareh110m-crog_maximus_ix_apex_firmwareprime_z270-ar_firmwarez170_pro_gaming\/aura_firmwareh110m-fprime_b250m-k_firmwareprime_b250m-j_firmwarerog_strix_z370-e_gamingprime_b250m-c_firmwarerog_strix_z270i_gaming_firmwareprime_b250m-ah110m-p\/dvi_firmwareb150m-a_firmwareh170-plus_d3h110m-c\/brrog_strix_b250g_gamingb250-srog_maximus_ix_extreme_firmwareprime_z270m-plusb150_pro_gaming_firmwareex-b150-v7prime_j3355i-c_firmwareb150m-c_d3_firmwaresimatic_ipc427eprime_b250-pro_firmwareh110tq170m2\/cdm\/sib150m-a\/m.2z170_pro_gaming_firmwarerog_strix_z270e_gaming_firmwareb150m-c_firmwarerog_strix_z370-e_gaming_firmwareb150_pro_gaming\/auraq170m2prime_b250m-kprime_z370-aex-h110m-vh110m-dq170t_v2b150m-plus_firmwaresimatic_ipc647csinumerik_pcu50.5-c_firmwareb150m-a\/m.2_firmwareprime_h110m-p_firmwarez170-pro_firmwaresimatic_ipc847dh110m-k_d3z170-premiumex-b250m-v_firmwarerog_strix_z370-g_gaming_firmwareh110i-plussimatic_ipc477d_pro_firmwareb250m-f_plus_firmwarerog_maximus_viii_rangerh110m-plus_firmwareh110m-f_firmwareex-b150m-vtrooper_h110_d3_firmwarerog_maximus_x_apex_firmwarez170i_pro_gamingsimatic_field_pg_m5_firmwaretrooper_b150_d3simatic_ipc677d_firmwarerog_maximus_ix_apexh110m-a\/dpb150m-c\/brrog_strix_z370-i_gaming_firmwareh170-pro_firmwareb150i_pro_gaming\/wifi\/aura_firmwareh110m-erog_maximus_x_heroh110m-cs_firmwareh110m-cssimatic_field_pg_m4_firmwareh110m-cs_x_firmwareb150m-c_d3rog_maximus_viii_extremeh110s1_firmwaretuf_z270_mark_1z170m-plus\/br_firmwareex-b150m-v3prime_z270-pb150-plus_firmwareprime_z370-p_firmwareq170m2\/cdm\/si_firmwarerog_maximus_ix_formulatuf_z370-pro_gamingh170m-e_d3_firmwareb250m-c_prorog_strix_b250i_gamingrog_strix_z370-h_gamingprime_z270m-plus\/brh110m-ks_firmwareb250-mr_firmwareq170m-cm-b_firmwaresimatic_ipc477e_firmwarerog_strix_h270f_gamingrog_strix_z370-f_gaming_firmwareh110s1prime_h270m-plusz170-p_d3prime_b250m-cz170i_pro_gaming_firmwarerog_maximus_viii_heroh110m-tssimatic_ipc477d_propio-b250i_firmwareq170t_v2_firmwareprime_h270m-plus_firmwareb150m-c\/br_firmwareq170m-crog_maximus_x_codetuf_z370-plus_gamingb250-mrh170-prosimatic_ipc547erog_maximus_viii_formula_firmwareb250m-c_pro_firmwarerog_strix_h270f_gaming_firmwareh170-pro\/usb_3.1z170-p_d3_firmwarerog_maximus_x_apexpio-b250ib150m_pro_gaming_firmwarez170m-plus_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dh110m-c\/psh110m-k_d3_firmwarerog_maximus_viii_hero_alphasimatic_field_pg_m5b150i_pro_gaming\/wifi\/aurarog_strix_z270h_gaming_firmwarerog_maximus_ix_code_firmwareprime_h270-pro_firmwareb150m_pro_gamingh110m-c2\/tfq270m-cm-a_firmwareh110m-c2_firmwarerog_strix_z270e_gamingtuf_z270_mark_2_firmwaresimatic_ipc677c_firmwareprime_b250m-plus\/brq270-s_firmwareh110t_firmwareex-b250m-v3_firmwarez170-ph110m-e\/m.2z170-arh110m-k_xsinumerik_pcu50.5-pb250-s_firmwareprime_z270-asimotion_p320-4s_firmwareprime_b250-plusprime_h270-plussimatic_ipc847d_firmwareh170m-plus\/br_firmwarez170_pro_gamingsimatic_ipc827c_firmwareActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5711
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.44%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)Siemens AGIntel Corporation
Product-rog_strix_z270g_gaming_firmwareh110-plus_firmwareh170m-plus\/brsimatic_ipc627dprime_h110m-ptuf_z270_mark_2rog_strix_z270h_gaming\/k1prime_j3355i-cb150i_pro_gaming\/aurasimatic_ipc827ch110m-a\/dp_firmwaresimatic_ipc477d_firmwareq170t_firmwareb250m-f_plush110m-ksh110m-a_d3ex-b150m-v5rog_strix_b250i_gaming_firmwareh170_pro_gamingsimotion_p320-4strooper_b150_d3_firmwareh110s2b150m-dtuf_z370-plus_gaming_firmwareh110m-ts_firmwaresimatic_ipc647d_firmwareb150-asimatic_ipc477db150m-plus_d3_firmwarerog_maximus_viii_hero_firmwarerog_strix_z270f_gamingrog_maximus_viii_ranger_firmwareb150m-v_plus_firmwareprime_q270m-ch110-plush110s2_firmwareh110m-e_firmwareprime_h110m2\/fpt_firmwaresabertooth_z170_mark_1h110m-c\/hdmi_firmwaresinumerik_pcu50.5-p_firmwaretuf_z370-pro_gaming_firmwarerog_maximus_viii_hero_alpha_firmwarerog_maximus_ix_hero_firmwarez170-krog_strix_b250g_gaming_firmwarerog_strix_z370-f_gamingb150m-ah110m-aex-b250m-v5z170-prosimatic_ipc477eb150m-k_d3prime_h110m2_firmwarerog_maximus_viii_formulaprime_b250m-dsimatic_field_pg_m3_firmwarerog_maximus_ix_extremesimatic_ipc677cb150m-k_firmwareq170s1_firmwareex-b150m-v3_firmwareprime_b250m-jb150m-a_d3_firmwarez170m-e_d3z170-k_firmwarepio-b150m_firmwarerog_strix_h270i_gaming_firmwareh170m-plush110m-ks_r1_firmwareex-b250-v7b150m-plusz170-ar_firmwareh110m-plusb150m-v_plush110m-kex-b150-v7_firmwareh110m-a_d3_firmwarerog_strix_b250h_gaming_firmwareh110m-c\/br_firmwarez170m-plus\/brprime_h270-plus_firmwareprime_h110m2\/fptprime_z270m-plus\/br_firmwareh110t-a_firmwareh110i-plus_firmwaresimatic_ipc627d_firmwaresimatic_field_pg_m3prime_z270-kh170i-pro_firmwaresimatic_field_pg_m4simatic_ipc627ch170i-prob150m-plus_d3z170-premium_firmwaresabertooth_z170_mark_1_firmwareb150m-f_plush170m-e_d3z170-eb150-pro_firmwarepio-b150mrog_maximus_ix_codeprime_b250-plus_firmwareh110m-c_firmwarerog_maximus_x_hero_firmwaresimatic_itp1000simatic_ipc427d_firmwareh110m-e\/m.2_firmwareprime_h110m2rog_maximus_x_formularog_maximus_x_formula_firmwareh110m-d\/exper\/sib150_pro_gaming\/aura_firmwaremanageability_engine_firmwarerog_maximus_ix_herorog_strix_z270i_gamingh170-plus_d3_firmwareex-b150m-v_firmwareq170m-cm-brog_strix_z370-g_gamingprime_z270-arb150-pro_d3rog_strix_z270h_gamingh110m-cs\/br_firmwarerog_strix_z370-i_gamingrog_strix_z370-h_gaming_firmwareh110m-d_firmwaresabertooth_z170_sb150_pro_gamingh110m-a\/m.2q270m-cm-asimatic_ipc847c_firmwareh110m-rh170-pro\/usb_3.1_firmwareq170m2_firmwareb150m-kprime_z270m-plus_firmwareh110m-a_firmwareex-h110m-v3_firmwareh110m-k_x_firmwarez170m-e_d3_firmwareh170_pro_gaming_firmwareb150m-k_d3_firmwarerog_strix_z270f_gaming_firmwarerog_strix_b250f_gamingh110m-cs\/brq170s1ex-b250-v7_firmwaresabertooth_z170_s_firmwarerog_strix_b250h_gamingh110m-d\/exper\/si_firmwareex-b150m-v5_firmwareprime_b250m-d_firmwareh110m-p\/dvib150i_pro_gaming\/aura_firmwaresimatic_ipc647db150m-f_plus_firmwareh110m-ks_r1h110m-c\/ps_firmwareb150-proprime_h270-proex-h110m-v_firmwareex-b250m-v3rog_strix_z270g_gamingrog_maximus_ix_formula_firmwarerog_maximus_viii_gene_firmwareprime_z270-p_firmwareex-h110m-v3h110m-c2\/tf_firmwarez170-p_firmwareq270-sactive_management_technology_firmwaresimatic_ipc427e_firmwarez170m-plustrooper_h110_d3z170-deluxe_firmwaresimatic_ipc547d_firmwaresimatic_ipc847cprime_q270m-c_firmwaresimatic_ipc547dh170m-plus_firmwareb250_mining_expert_firmwarerog_strix_h270i_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z370-pz170-e_firmwarerog_maximus_viii_extreme_firmwareb250_mining_expertb150m-a_d3simatic_ipc677dh110m-c2prime_b250m-a_firmwaresimatic_ipc627c_firmwareprime_b250m-plus\/br_firmwarez170-ah110m-k_firmwaretuf_z270_mark_1_firmwareb150_pro_gaming_d3q170m-c_firmwarez170_pro_gaming\/auraex-b250m-vh110m-a\/m.2_firmwareb150m-d_firmwarerog_strix_b250f_gaming_firmwareprime_z370-a_firmwaresinumerik_pcu50.5-crog_maximus_x_code_firmwarerog_maximus_viii_impactsimatic_ipc827d_firmwareprime_b250m-plus_firmwarez170-deluxeb150m-cprime_b250m-plush110m-cs_xb150-pro_d3_firmwareprime_b250-proz170-a_firmwareb150_pro_gaming_d3_firmwareb150-plusprime_z270-a_firmwareprime_z270-k_firmwareh110m-c\/hdmisimatic_itp1000_firmwareprime_b250-a_firmwareprime_b250-arog_maximus_viii_geneh110t-aex-b250m-v5_firmwaresimatic_ipc647c_firmwareb150-a_firmwaresimatic_ipc427drog_maximus_viii_impact_firmwareq170th110m-r_firmwareh110m-crog_maximus_ix_apex_firmwareprime_z270-ar_firmwarez170_pro_gaming\/aura_firmwareh110m-fprime_b250m-k_firmwareprime_b250m-j_firmwarerog_strix_z370-e_gamingprime_b250m-c_firmwarerog_strix_z270i_gaming_firmwareprime_b250m-ah110m-p\/dvi_firmwareb150m-a_firmwareh170-plus_d3h110m-c\/brrog_strix_b250g_gamingb250-srog_maximus_ix_extreme_firmwareprime_z270m-plusb150_pro_gaming_firmwareex-b150-v7prime_j3355i-c_firmwareb150m-c_d3_firmwaresimatic_ipc427eprime_b250-pro_firmwareh110tq170m2\/cdm\/sib150m-a\/m.2z170_pro_gaming_firmwarerog_strix_z270e_gaming_firmwareb150m-c_firmwarerog_strix_z370-e_gaming_firmwareb150_pro_gaming\/auraq170m2prime_b250m-kprime_z370-aex-h110m-vh110m-dq170t_v2b150m-plus_firmwaresimatic_ipc647csinumerik_pcu50.5-c_firmwareb150m-a\/m.2_firmwareprime_h110m-p_firmwarez170-pro_firmwaresimatic_ipc847dh110m-k_d3z170-premiumex-b250m-v_firmwarerog_strix_z370-g_gaming_firmwareh110i-plussimatic_ipc477d_pro_firmwareb250m-f_plus_firmwarerog_maximus_viii_rangerh110m-plus_firmwareh110m-f_firmwareex-b150m-vtrooper_h110_d3_firmwarerog_maximus_x_apex_firmwarez170i_pro_gamingsimatic_field_pg_m5_firmwaretrooper_b150_d3simatic_ipc677d_firmwarerog_maximus_ix_apexh110m-a\/dpb150m-c\/brrog_strix_z370-i_gaming_firmwareh170-pro_firmwareb150i_pro_gaming\/wifi\/aura_firmwareh110m-erog_maximus_x_heroh110m-cs_firmwareh110m-cssimatic_field_pg_m4_firmwareh110m-cs_x_firmwareb150m-c_d3rog_maximus_viii_extremeh110s1_firmwaretuf_z270_mark_1z170m-plus\/br_firmwareex-b150m-v3prime_z270-pb150-plus_firmwareprime_z370-p_firmwareq170m2\/cdm\/si_firmwarerog_maximus_ix_formulatuf_z370-pro_gamingh170m-e_d3_firmwareb250m-c_prorog_strix_b250i_gamingrog_strix_z370-h_gamingprime_z270m-plus\/brh110m-ks_firmwareb250-mr_firmwareq170m-cm-b_firmwaresimatic_ipc477e_firmwarerog_strix_h270f_gamingrog_strix_z370-f_gaming_firmwareh110s1prime_h270m-plusz170-p_d3prime_b250m-cz170i_pro_gaming_firmwarerog_maximus_viii_heroh110m-tssimatic_ipc477d_propio-b250i_firmwareq170t_v2_firmwareprime_h270m-plus_firmwareb150m-c\/br_firmwareq170m-crog_maximus_x_codetuf_z370-plus_gamingb250-mrh170-prosimatic_ipc547erog_maximus_viii_formula_firmwareb250m-c_pro_firmwarerog_strix_h270f_gaming_firmwareh170-pro\/usb_3.1z170-p_d3_firmwarerog_maximus_x_apexpio-b250ib150m_pro_gaming_firmwarez170m-plus_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dh110m-c\/psh110m-k_d3_firmwarerog_maximus_viii_hero_alphasimatic_field_pg_m5b150i_pro_gaming\/wifi\/aurarog_strix_z270h_gaming_firmwarerog_maximus_ix_code_firmwareprime_h270-pro_firmwareb150m_pro_gamingh110m-c2\/tfq270m-cm-a_firmwareh110m-c2_firmwarerog_strix_z270e_gamingtuf_z270_mark_2_firmwaresimatic_ipc677c_firmwareprime_b250m-plus\/brq270-s_firmwareh110t_firmwareex-b250m-v3_firmwarez170-ph110m-e\/m.2z170-arh110m-k_xsinumerik_pcu50.5-pb250-s_firmwareprime_z270-asimotion_p320-4s_firmwareprime_b250-plusprime_h270-plussimatic_ipc847d_firmwareh170m-plus\/br_firmwarez170_pro_gamingsimatic_ipc827c_firmwareActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-6548
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-48.34% / 97.65%
||
7 Day CHG~0.00%
Published-09 Mar, 2017 | 09:26
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before 3.0.0.4.380.7378; RT-AC68W routers with firmware before 3.0.0.4.380.7266; and RT-N600, RT-N12+ B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12+ Pro routers with firmware before 3.0.0.4.380.9488; and Asuswrt-Merlin firmware before 380.65_2 allow remote attackers to execute arbitrary code on the router via a long host or port in crafted multicast messages.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ac53_firmwarert-ac53n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-41289
Matching Score-6
Assigner-TWCERT/CC
ShareView Details
Matching Score-6
Assigner-TWCERT/CC
CVSS Score-6.3||MEDIUM
EPSS-0.04% / 11.87%
||
7 Day CHG~0.00%
Published-15 Nov, 2021 | 09:30
Updated-17 Sep, 2024 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS P453UJ - Improper Restriction of Operations within the Bounds of a Memory Buffer

ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity verification and further resulting in a failure to boot.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-p453ujp453uj_biosP453UJ BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-38105
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.16%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 20:44
Updated-14 Jan, 2023 | 04:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax82urt-ax82u_firmwareRT-AX82U
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-7182
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-13.41% / 94.02%
||
7 Day CHG~0.00%
Published-08 Sep, 2009 | 10:00
Updated-07 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859.

Action-Not Available
Vendor-netwinn/a
Product-surgemailn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-20634
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.54% / 67.05%
||
7 Day CHG~0.00%
Published-20 Mar, 2019 | 18:35
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (changed Page structure) via JavaScript code in the First Name field.

Action-Not Available
Vendor-advance_b2b_script_projectn/a
Product-advance_b2b_scriptn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-20642
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.54% / 67.05%
||
7 Day CHG~0.00%
Published-20 Mar, 2019 | 19:03
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.

Action-Not Available
Vendor-entrepreneur_job_portal_script_projectn/a
Product-entrepreneur_job_portal_scriptn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-20637
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.52% / 66.12%
||
7 Day CHG~0.00%
Published-20 Mar, 2019 | 18:46
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.

Action-Not Available
Vendor-chartered_accountant_\n/a
Product-_auditor_website_projectn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-2386
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-6.5||MEDIUM
EPSS-0.45% / 63.06%
||
7 Day CHG~0.00%
Published-14 Feb, 2018 | 12:00
Updated-05 Aug, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.

Action-Not Available
Vendor-SAP SE
Product-internet_graphics_serverSAP Internet Graphics Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1966
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.60% / 81.39%
||
7 Day CHG~0.00%
Published-27 Apr, 2008 | 18:00
Updated-07 Aug, 2024 | 08:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMOVE_JAR procedure with a crafted parameter, related to (a) sqlj.install_jar and (b) sqlj.replace_jar.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-0848
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.14% / 34.88%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 01:00
Updated-06 Mar, 2025 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflow

A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a18_firmwarea18A18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-1397
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 65.90%
||
7 Day CHG~0.00%
Published-19 Jun, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-rv130w_wireless-n_multifunction_vpn_router_firmwarerv215w_wireless-n_vpn_router_firmwarerv215w_wireless-n_vpn_routerrv110w_wireless-n_vpn_firewall_firmwarerv130w_wireless-n_multifunction_vpn_routerrv110w_wireless-n_vpn_firewalln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-3.48% / 87.27%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.

Action-Not Available
Vendor-n/aSAP SE
Product-sql_anywheren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-1310
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.72% / 71.95%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569.

Action-Not Available
Vendor-IBM Corporation
Product-informix_dynamic_serverInformix Servers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7992
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-0.38% / 58.93%
||
7 Day CHG~0.00%
Published-10 Nov, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RULE_SET stored procedure, aka SAP Security Note 2175928.

Action-Not Available
Vendor-n/aSAP SE
Product-hanan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found