ASUS BMC's firmware: path traversal - Delete SOL video file function
CVE-2021-28205

4.9MEDIUM

Key Information:

Vendor
Asus
Status
Bmc Firmware For Z10pr-d16
Bmc Firmware For Asmb8-ikvm
Bmc Firmware For Z10pe-d16 Ws
Vendor
CVE Published:
6 April 2021

Summary

The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.

Affected Version(s)

BMC firmware for ASMB8-iKVM 1.14.51

BMC firmware for Z10PE-D16 WS 1.14.2

BMC firmware for Z10PR-D16 1.14.51

References

https://www.asus.com/content/ASUS-Product-Security-Advisory/
x_refsource_MISC
https://www.asus.com/tw/support/callus/
x_refsource_MISC
https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html
x_refsource_MISC

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.