{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T06:53:14.274","vulnerabilities":[{"cve":{"id":"CVE-2021-28175","sourceIdentifier":"twcert@cert.org.tw","published":"2021-04-06T05:15:13.067","lastModified":"2026-06-17T03:45:57.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."},{"lang":"es","value":"La función de configuration de Radius en la página de administración Web del firmware de ASUS BMC, no verifica la longitud de la cadena introducida por usuarios, resultando en una vulnerabilidad de desbordamiento del búfer. Al obtener el permiso privilegiado, los atacantes remotos usan la filtración para finalizar anormalmente el servicio Web"}],"affected":[{"source":"twcert@cert.org.tw","affectedData":[{"vendor":"ASUS","product":"BMC firmware for Z10PR-D16","versions":[{"version":"1.14.51","status":"affected"}]},{"vendor":"ASUS","product":"BMC firmware for ASMB8-iKVM","versions":[{"version":"1.14.51","status":"affected"}]},{"vendor":"ASUS","product":"BMC firmware for Z10PE-D16 WS","versions":[{"version":"1.14.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*","matchCriteriaId":"F38D0E80-BD62-46A7-B1CD-6C7045FF7F79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*","matchCriteriaId":"A340A0CE-8BD2-420A-814B-5585C08A4CCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*","matchCriteriaId":"4D98B9CE-6675-48A4-98A3-6E5DA19A2480"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*","matchCriteriaId":"1A2F069D-18EE-49A3-A8EB-3C745425BFFE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*","matchCriteriaId":"0B5DB0A7-B863-4AFF-BEB6-6958F921C016"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*","matchCriteriaId":"51F61A82-6BBE-4758-9789-7CE6FCB9E20D"}]}]}],"references":[{"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.asus.com/tw/support/callus/","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4543-98220-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.asus.com/tw/support/callus/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4543-98220-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}