Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2021
CVE-2021-28189
The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28190
The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.007
Published
2021-04-06
CVE-2021-28191
The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28192
The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28176
The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28177
The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28178
The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28179
The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28180
The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06
CVE-2021-28175
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
CVSS Score
4.9
EPSS Score
0.009
Published
2021-04-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved