CVE-2021-28206

Description

The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.

CVSS breakdown

Affected products

• ASUS / BMC firmware for ASMB9-iKVM1.11.12 – 1.11.12
• ASUS / BMC firmware for E700 G41.14.1 – 1.14.1
• ASUS / BMC firmware for ESC4000 DHD G41.13.7 – 1.13.7
• ASUS / BMC firmware for ESC4000 G41.15.2 – 1.15.2
• ASUS / BMC firmware for ESC4000 G4X1.11.6 – 1.11.6
• ASUS / BMC firmware for ESC8000 G41.15.4 – 1.15.4
• ASUS / BMC firmware for ESC8000 G4/10G1.15.4 – 1.15.4
• ASUS / BMC firmware for KNPA-U161.13.4 – 1.13.4
• ASUS / BMC firmware for Pro E800 G41.14.2 – 1.14.2
• ASUS / BMC firmware for RS100-E10-PI21.13.6 – 1.13.6
• ASUS / BMC firmware for RS300-E10-PS41.13.6 – 1.13.6
• ASUS / BMC firmware for RS300-E10-RS41.13.6 – 1.13.6
• ASUS / BMC firmware for RS500A-E10-PS41.15.2 – 1.15.2
• ASUS / BMC firmware for RS500A-E10-RS41.15.2 – 1.15.2
• ASUS / BMC firmware for RS500A-E9-PS41.14.1 – 1.14.1
• ASUS / BMC firmware for RS500A-E9-RS41.14.1 – 1.14.1
• ASUS / BMC firmware for RS500-E9-PS41.15.4 – 1.15.4
• ASUS / BMC firmware for RS500-E9-RS41.15.4 – 1.15.4
• ASUS / BMC firmware for RS500-E9-RS4-U1.15.4 – 1.15.4
• ASUS / BMC firmware for RS520-E9-RS12-E1.15.3 – 1.15.3
• ASUS / BMC firmware for RS520-E9-RS81.15.3 – 1.15.3
• ASUS / BMC firmware for RS700A-E9-RS12V21.15.1 – 1.15.1
• ASUS / BMC firmware for RS700A-E9-RS41.10.0 – 1.10.0
• ASUS / BMC firmware for RS700A-E9-RS4V21.15.1 – 1.15.1
• ASUS / BMC firmware for RS700-E9-RS121.11.5 – 1.11.5
• ASUS / BMC firmware for RS700-E9-RS41.09 – 1.09
• ASUS / BMC firmware for RS720A-E9-RS12V21.15.2 – 1.15.2
• ASUS / BMC firmware for RS720A-E9-RS24-E1.10.3 – 1.10.3
• ASUS / BMC firmware for RS720A-E9-RS24V21.15.1 – 1.15.1
• ASUS / BMC firmware for RS720-E9-RS12-E1.15.2 – 1.15.2
• ASUS / BMC firmware for RS720-E9-RS24-U1.14.3 – 1.14.3
• ASUS / BMC firmware for RS720-E9-RS8-G1.15.2 – 1.15.2
• ASUS / BMC firmware for RS720Q-E9-RS24-S1.15.0 – 1.15.0
• ASUS / BMC firmware for RS720Q-E9-RS81.15.0 – 1.15.0
• ASUS / BMC firmware for RS720Q-E9-RS8-S1.15.0 – 1.15.0
• ASUS / BMC firmware for WS C422 PRO/SE1.14.1 – 1.14.1
• ASUS / BMC firmware for WS C621E SAGE1.15.1 – 1.15.1
• ASUS / BMC firmware for WS X299 PRO/SE1.14.1 – 1.14.1
• ASUS / BMC firmware for Z11PA-D81.14.1 – 1.14.1
• ASUS / BMC firmware for Z11PA-D8C1.14.1 – 1.14.1
• ASUS / BMC firmware for Z11PA-U121.15.1 – 1.15.1
• ASUS / BMC firmware for Z11PA-U12/10G-2S1.15.1 – 1.15.1
• ASUS / BMC firmware for Z11PR-D161.15.3 – 1.15.3

References

• MISChttps://www.asus.com/content/ASUS-Product-Security-Advisory/
• MISChttps://www.asus.com/tw/support/callus/
• MISChttps://www.twcert.org.tw/tw/cp-132-4576-422ac-1.html