Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-6999

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-26 Mar, 2020 | 12:06
Updated At-04 Aug, 2024 | 09:18
Rejected At-
Credits

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:26 Mar, 2020 | 12:06
Updated At:04 Aug, 2024 | 09:18
Rejected At:
▼CVE Numbering Authority (CNA)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.

Affected Products
Vendor
n/a
Product
Moxa EDS-G516E Series firmware, Version 5.2 or lower
Versions
Affected
  • Moxa EDS-G516E Series firmware, Version 5.2 or lower
Problem Types
TypeCWE IDDescription
CWECWE-120CLASSIC BUFFER OVERFLOW CWE-120
Type: CWE
CWE ID: CWE-120
Description: CLASSIC BUFFER OVERFLOW CWE-120
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.us-cert.gov/ics/advisories/icsa-20-056-04
x_refsource_MISC
Hyperlink: https://www.us-cert.gov/ics/advisories/icsa-20-056-04
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.us-cert.gov/ics/advisories/icsa-20-056-04
x_refsource_MISC
x_transferred
Hyperlink: https://www.us-cert.gov/ics/advisories/icsa-20-056-04
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:26 Mar, 2020 | 13:15
Updated At:30 Mar, 2020 | 17:22

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
Moxa Inc.
moxa
>>mds-g516e_firmware>>Versions up to 5.2(inclusive)
cpe:2.3:o:moxa:mds-g516e_firmware:*:*:*:*:*:*:*:*
Moxa Inc.
moxa
>>mds-g516e>>-
cpe:2.3:h:moxa:mds-g516e:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE-120Secondaryics-cert@hq.dhs.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-120
Type: Secondary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.us-cert.gov/ics/advisories/icsa-20-056-04ics-cert@hq.dhs.gov
Patch
Third Party Advisory
US Government Resource
Hyperlink: https://www.us-cert.gov/ics/advisories/icsa-20-056-04
Source: ics-cert@hq.dhs.gov
Resource:
Patch
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

83Records found
CVE-2023-38924
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.41%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 00:00
Updated-11 Oct, 2024 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-dgn3500_firmwaredgn3500n/adgn3500
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-37929
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.46% / 80.05%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 01:23
Updated-22 Jan, 2025 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3510_firmwarevmg8825-t50kvmg3625-t50b_firmwareex5600-t1_firmwareex3501-t0wx5610-b0ex5401-b0vmg3927-t50kex5401-b1_firmwaredx4510_firmwaredx4510dx5401-b0_firmwarevmg8623-t50b_firmwarenbg7510_firmwareex5601-t0_firmwareex5401-b0_firmwareex3301-t0emg5723-t50kdx3300-t1wx3100-t0_firmwarevmg8825-t50k_firmwareemg3525-t50bwx5610-b0_firmwaredx5401-b1_firmwareex5601-t1ex5512-t0_firmwarewx5600-t0ex7710-b0_firmwareax7501-b1_firmwareex3301-t0_firmwareemg5523-t50bdx5401-b1emg5523-t50b_firmwareex5501-b0ex7710-b0ex3300-t1ax7501-b1dx3300-t1_firmwarevmg3625-t50bex5401-b1emg5723-t50k_firmwaredx3301-t0ex5600-t1wx5600-t0_firmwareex5601-t0ax7501-b0_firmwareex3510ex5601-t1_firmwarevmg8623-t50bex5510_firmwarevmg3927-t50k_firmwarewx3100-t0emg3525-t50b_firmwaredx3301-t0_firmwareax7501-b0nbg7510ex5512-t0ex3500-t0ex3300-t1_firmwareex5501-b0_firmwareex3500-t0_firmwaredx5401-b0ex3501-t0_firmwareex5510V5.50(ABPM.8)C0 firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1895
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 01:00
Updated-05 Mar, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setMacFilterCfg buffer overflow

A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1896
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 01:31
Updated-04 Mar, 2025 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 SetStaticRouteCfg buffer overflow

A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-TX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1899
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.11% / 30.09%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 02:31
Updated-05 Mar, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setPptpUserList buffer overflow

A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1897
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 01:31
Updated-04 Mar, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 SetNetControlList buffer overflow

A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-TX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-57538
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 31.69%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-22 Apr, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.

Action-Not Available
Vendor-n/aLinksys Holdings, Inc.
Product-e8450e8450_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-57540
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 31.69%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-22 Apr, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.

Action-Not Available
Vendor-n/aLinksys Holdings, Inc.
Product-e8450e8450_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23093
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-6.5||MEDIUM
EPSS-2.59% / 85.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 05:18
Updated-04 Jun, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack overflow in ping(8)

ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-20927
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.14% / 34.58%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 17:30
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_services_software_for_asafirepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) SoftwareCisco FirePOWER Services Software for ASA
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-14652
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-3.14% / 86.35%
||
7 Day CHG~0.00%
Published-31 Oct, 2018 | 19:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service.

Action-Not Available
Vendor-The Gluster ProjectDebian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverdebian_linuxenterprise_linux_virtualizationgluster_storageenterprise_virtualization_hostglusterfs
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-45523
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.19% / 41.45%
||
7 Day CHG~0.00%
Published-26 Dec, 2021 | 00:59
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000_firmwarer7000n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-44864
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 65.23%
||
7 Day CHG~0.00%
Published-08 Feb, 2022 | 14:23
Updated-04 Aug, 2024 | 04:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-wn886nwn886n_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-39602
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.34% / 55.91%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 22:01
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerabilty exists in Miniftpd 1.0 in the do_mkd function in the ftpproto.c file, which could let a remote malicious user cause a Denial of Service.

Action-Not Available
Vendor-miniftpd_projectn/a
Product-miniftpdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-2633
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.56% / 67.21%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.

Action-Not Available
Vendor-QEMURed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationqemuenterprise_linux_desktopQemu:
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-28184
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Active Directory configuration function

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28185
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - ActiveX configuration-1 acquisition

The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28194
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Remote image configuration setting

The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28182
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Web Service configuration function

The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28175
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:01
Updated-16 Sep, 2024 | 23:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Radius configuration function

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28189
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - SMTP configuration function

The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28195
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Radius configuration function

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28200
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - CD media configuration function

The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28181
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Remote video configuration setting

The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28190
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate new certificate function

The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28196
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate SSL certificate function

The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-37910
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.4||MEDIUM
EPSS-0.16% / 37.43%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 19:34
Updated-02 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-arubaossd-wanAruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1898
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 02:00
Updated-04 Mar, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 openSchedWifi buffer overflow

A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-TX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28191
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Firmware update function

The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28177
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - LDAP configuration function

The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28180
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Audit log configuration setting

The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28187
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Generate new SSL certificate

The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z10pe-d16_ws_firmwarez10pr-d16_firmwareasmb8-ikvm_firmwarez10pe-d16_wsz10pr-d16asmb8-ikvmBMC firmware for Z10PR-D16BMC firmware for ASMB8-iKVMBMC firmware for Z10PE-D16 WS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28199
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-4.9||MEDIUM
EPSS-0.90% / 74.72%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 05:02
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS BMC's firmware: buffer overflow - Modify user’s information function

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-z11pa-d8_firmwarers500-e9-rs4_firmwarers500a-e9_rs4_u_firmwarers700-e9-rs12_firmwarews_c422_pro\/se_firmwareesc4000_g4_firmwarers720-e9-rs12-ers500-e9-rs4-u_firmwarers720q-e9-rs8_firmwarers300-e10-rs4_firmwarers100-e10-pi2rs700a-e9-rs4v2_firmwarez11pa-d8c_firmwarers720a-e9-rs12v2rs720q-e9-rs8-srs500a-e10-ps4rs700-e9-rs4_firmwarers500-e9-ps4ws_c422_pro\/sers500-e9-rs4esc8000_g4_firmwarers500a-e9_rs4_uz11pr-d16rs520-e9-rs12-e_firmwarers500a-e10-ps4_firmwarews_c621e_sagers500a-e10-rs4rs300-e10-rs4z11pa-d8rs700a-e9-rs12v2_firmwarez11pa-u12\/10g-2srs300-e10-ps4asmb9-ikvmrs500a-e10-rs4_firmwarez11pa-u12rs500a-e9-rs4rs720a-e9-rs24-eesc4000_dhd_g4_firmwarers700a-e9-rs4_firmwarers700a-e9-rs4v2esc8000_g4rs720a-e9-rs24-e_firmwarepro_e800_g4rs720q-e9-rs8rs720a-e9-rs24v2e700_g4_firmwarers500-e9-rs4-urs700-e9-rs4z11pr-d16_firmwarers100-e10-pi2_firmwareesc4000_g4x_firmwarers500-e9-ps4_firmwarers520-e9-rs8rs500a-e9-ps4_firmwarers700a-e9-rs12v2rs520-e9-rs8_firmwarers720q-e9-rs24-srs520-e9-rs12-epro_e800_g4_firmwarez11pa-u12_firmwarez11pa-d8cknpa-u16esc4000_g4rs500a-e9-rs4_firmwarers720q-e9-rs24-s_firmwarez11pa-u12\/10g-2s_firmwarers700-e9-rs12ws_c621e_sage_firmwareknpa-u16_firmwareesc4000_dhd_g4rs720-e9-rs12-e_firmwarews_x299_pro\/sews_x299_pro\/se_firmwarers500a-e9-ps4asmb9-ikvm_firmwarers700a-e9-rs4rs720-e9-rs24-uesc8000_g4\/10g_firmwarers720a-e9-rs24v2_firmwareesc4000_g4xrs300-e10-ps4_firmwarers720-e9-rs8-grs720a-e9-rs12v2_firmwarers720-e9-rs8-g_firmwaree700_g4rs720-e9-rs24-u_firmwarers720q-e9-rs8-s_firmwareesc8000_g4\/10gBMC firmware for KNPA-U16BMC firmware for RS720Q-E9-RS24-SBMC firmware for ESC4000 G4XBMC firmware for RS500A-E9-RS4BMC firmware for Z11PA-D8BMC firmware for Z11PA-U12BMC firmware for ESC4000 DHD G4BMC firmware for RS720A-E9-RS12V2BMC firmware for WS C621E SAGEBMC firmware for RS500A-E10-RS4BMC firmware for RS520-E9-RS8BMC firmware for Pro E800 G4BMC firmware for RS500A-E9-PS4BMC firmware for RS500-E9-RS4BMC firmware for RS720-E9-RS24-UBMC firmware for Z11PA-U12/10G-2SBMC firmware for RS700A-E9-RS12V2BMC firmware for ASMB9-iKVMBMC firmware for RS720-E9-RS8-GBMC firmware for RS720A-E9-RS24V2BMC firmware for ESC4000 G4BMC firmware for RS500A-E10-PS4BMC firmware for RS700A-E9-RS4BMC firmware for E700 G4BMC firmware for RS100-E10-PI2BMC firmware for RS500-E9-PS4BMC firmware for ESC8000 G4BMC firmware for RS700-E9-RS4BMC firmware for Z11PR-D16BMC firmware for RS500-E9-RS4-UBMC firmware for RS720Q-E9-RS8-SBMC firmware for RS700-E9-RS12BMC firmware for RS720-E9-RS12-EBMC firmware for RS720Q-E9-RS8BMC firmware for ESC8000 G4/10GBMC firmware for Z11PA-D8CBMC firmware for RS500A-E9 RS4BMC firmware for RS300-E10-RS4BMC firmware for RS300-E10-PS4BMC firmware for RS700A-E9-RS4V2BMC firmware for WS C422 PRO/SEBMC firmware for RS520-E9-RS12-EBMC firmware for WS X299 PRO/SEBMC firmware for RS720A-E9-RS24-E
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found