Asmb9 Ikvm Firmware
CVE-2021-28206
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
AnalysisAI
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. Affected products include: Asus Asmb9-Ikvm Firmware, Asus Rs720A-E9-Rs24-E Firmware, Asus Rs700A-E9-Rs4 Firmware, Asus Rs700-E9-Rs4 Firmware, Asus Esc4000 G4X Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.
More in Asmb9 Ikvm Firmware
View allThe specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specif
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific p
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entere
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entere
The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify th
The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string lengt
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length
The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered b
The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify th
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today