{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T17:11:36.904","vulnerabilities":[{"cve":{"id":"CVE-2021-28205","sourceIdentifier":"twcert@cert.org.tw","published":"2021-04-06T05:15:17.143","lastModified":"2024-11-21T05:59:21.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."},{"lang":"es","value":"La función specific en la página de administración Web del firmware de ASUS BMC (Borra la función de archivo de video SOL) no filtra el parámetro specific. Como obtener el permiso de administrador, unos atacantes remotos pueden usar los medios de salto de ruta para acceder a unos archivos del sistema"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:N/A:N","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*","matchCriteriaId":"F38D0E80-BD62-46A7-B1CD-6C7045FF7F79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*","matchCriteriaId":"A340A0CE-8BD2-420A-814B-5585C08A4CCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*","matchCriteriaId":"4D98B9CE-6675-48A4-98A3-6E5DA19A2480"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*","matchCriteriaId":"1A2F069D-18EE-49A3-A8EB-3C745425BFFE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*","matchCriteriaId":"0B5DB0A7-B863-4AFF-BEB6-6958F921C016"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*","matchCriteriaId":"51F61A82-6BBE-4758-9789-7CE6FCB9E20D"}]}]}],"references":[{"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.asus.com/tw/support/callus/","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.asus.com/tw/support/callus/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}