CVE-2021-28209: ASUS BMC's firmware: path traversal - Delete video file function
First published: Tue Apr 06 2021(Updated: )
The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus ASMB9-IKVM | =1.11.12 | |
| Asus Asmb9-ikvm Firmware | ||
| Asus RS720A-E9-RS24-E | =1.10.3 | |
| Asus Rs720a-e9-rs24-e Firmware | ||
| Asus RS700A-E9-RS4V2 | =1.10.0 | |
| Asus RS700A-E9-RS4V2 | ||
| Asus RS700-E9-RS4 | =1.09 | |
| Asus Rs700-e9-rs4 Firmware | ||
| Asus Esc4000 G4x Firmware | =1.11.6 | |
| Asus Esc4000 G4x Firmware | ||
| Asus RS700-E9-RS12 | =1.11.5 | |
| Asus RS700-E9-RS12 | ||
| Asus RS100-E10-PI2 | =1.13.6 | |
| Asus RS100-E10-PI2 | ||
| Asus RS300-E10-PS4 | =1.13.6 | |
| Asus RS300-E10-PS4 Firmware | ||
| Asus RS300-E10-RS4 | =1.13.6 | |
| Asus RS300-E10-RS4 Firmware | ||
| Asus RS500A-E9-PS4 | =1.14.1 | |
| Asus RS500-E9-PS4 | ||
| Asus RS500A-E9 RS4 U | =1.14.1 | |
| Asus RS500A-E9 RS4 U | ||
| Asus RS500A-E9-PS4 | =1.14.1 | |
| Asus RS500A-E9 RS4 U Firmware | ||
| Asus E700 G4 | =1.14.1 | |
| Asus E700 G4 | ||
| Asus WS C422 Pro/SE Firmware | =1.14.1 | |
| Asus WS C422 Pro/SE | ||
| Asus Ws X299 Pro/se Firmware | =1.14.1 | |
| Asus WS X299 Pro/SE | ||
| Asus Z11pa-u12 Firmware | =1.15.1 | |
| Asus Z11pa-u12 Firmware | ||
| Asus Z11pa-u12/10g-2s Firmware | =1.15.1 | |
| Asus Z11pa-u12/10g-2s | ||
| Asus Knpa-u16 | =1.13.4 | |
| Asus Knpa-u16 Firmware | ||
| Asus Esc4000 Dhd G4 | =1.13.7 | |
| Asus Esc4000 Dhd G4 | ||
| Asus Esc4000 G4 | =1.15.2 | |
| Asus Esc4000 G4 Firmware | ||
| Asus RS720Q-E9-RS24-S Firmware | =1.15.0 | |
| Asus RS720Q-E9-RS24-S Firmware | ||
| Asus RS720Q-E9-RS8 | =1.15.0 | |
| Asus RS720Q-E9-RS8 Firmware | ||
| Asus RS720Q-E9-RS8-S | =1.15.0 | |
| Asus Rs720q-e9-rs24-s | ||
| Asus Z11pa-d8 | =1.14.1 | |
| Asus Z11pa-d8 Firmware | ||
| Asus Z11pa-d8c Firmware | =1.14.1 | |
| Asus Z11pa-d8c Firmware | ||
| Asus RS720-E9-RS24-U | =1.14.3 | |
| Asus RS720-E9-RS24-U | ||
| Asus RS720-E9-RS8-G | =1.15.2 | |
| Asus Rs720-e9-rs8-g Firmware | ||
| Asus RS500A-E9-PS4 | =1.15.4 | |
| Asus RS500-E9-PS4 | ||
| Asus Pro E800 G4 | =1.14.2 | |
| Asus Pro E800 G4 | ||
| Asus RS500-E9-RS4 Firmware | =1.15.4 | |
| Asus RS500-E9-RS4 Firmware | ||
| Asus Rs500-e9-rs4 | =1.15.4 | |
| Asus Rs500-e9-rs4 | ||
| Asus RS520-E9-RS12-E | =1.15.3 | |
| Asus RS520-E9-RS12-E Firmware | ||
| Asus RS520-E9-RS8 | =1.15.3 | |
| Asus Rs520-e9-rs8 Firmware | ||
| Asus Esc8000 G4/10g Firmware | =1.15.4 | |
| Asus Esc8000 G4/10g Firmware | ||
| Asus Esc8000 G4/10g Firmware | =1.15.4 | |
| Asus Esc8000 G4/10g | ||
| Asus RS520-E9-RS12-E Firmware | =1.15.2 | |
| Asus RS720-E9-RS12-E Firmware | ||
| Asus WS C621E Sage | =1.15.1 | |
| Asus Ws C621e Sage Firmware | ||
| Asus RS500A-E10-PS4 | =1.15.2 | |
| Asus Rs500a-e10-ps4 Firmware | ||
| Asus RS500A-E10-RS4 | =1.15.2 | |
| Asus RS500A-E10-RS4 | ||
| Asus RS700A-E9-RS12V2 | =1.15.1 | |
| Asus RS720A-E9-RS12V2 | ||
| Asus RS700A-E9-RS4V2 | =1.15.1 | |
| Asus RS700A-E9-RS4V2 Firmware | ||
| Asus RS720A-E9-RS12V2 | =1.15.2 | |
| Asus RS720A-E9-RS12V2 | ||
| Asus Rs720a-e9-rs24v2 | =1.15.1 | |
| Asus Rs720a-e9-rs24v2 Firmware | ||
| Asus Z11pr-d16 | =1.15.3 | |
| Asus Z11pr-d16 Firmware |
Remedy
update BMC's firmwares to the following versions: ESC4000 G4X 1.15.6 RS700-E9-RS12 1.15.4 RS100-E10-PI2 1.15.3 RS300-E10-PS4 1.15.3 RS300-E10-RS4 1.15.3 RS500A-E9-PS4 1.14.2 RS500A-E9-RS4 1.14.2 RS500A-E9 RS4 U 1.14.2 E700 G4 1.14.2 WS C422 PRO/SE 1.14.2 WS X299 PRO/SE 1.14.2 Z11PA-U12 1.15.2 KNPA-U16 1.14.5 ESC4000 DHD G4 1.15.2 ESC4000 G4 1.15.6 RS720Q-E9-RS24-S 1.15.1 RS720Q-E9-RS8 1.15.1 RS720Q-E9-RS8-S 1.15.1 Z11PA-D8 1.15.2 Z11PA-D8C 1.15.2 RS720-E9-RS24-U 1.15.5 RS720-E9-RS8-G 1.15.4 RS500-E9-PS4 1.15.5 Pro E800 G4 1.15.2 RS500-E9-RS4 1.15.5 RS500-E9-RS4-U 1.15.5 RS520-E9-RS12-E 1.15.4 RS520-E9-RS8 1.15.4 ESC8000 G4 1.15.5 ESC8000 G4/10G 1.15.5 RS720-E9-RS12-E 1.15.3 WS C621E SAGE 1.15.3 RS500A-E10-PS4 1.15.3 RS500A-E10-RS4 1.15.3 RS700A-E9-RS12V2 1.15.3 RS700A-E9-RS4V2 1.15.3 RS720A-E9-RS12V2 1.15.3 RS720A-E9-RS24V2 1.15.3 Z11PR-D16 1.15.4
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-28209?
CVE-2021-28209 is classified as a critical vulnerability due to its potential for remote exploitation.
How do I fix CVE-2021-28209?
To mitigate CVE-2021-28209, you should update the ASUS BMC firmware to the latest version that addresses this vulnerability.
What systems are affected by CVE-2021-28209?
CVE-2021-28209 affects specific versions of ASUS BMC firmware, including versions such as 1.11.12, 1.10.3, and others listed in the advisory.
Can CVE-2021-28209 allow unauthorized file access?
Yes, CVE-2021-28209 can be exploited by attackers to gain unauthorized access to system files through path traversal.
What is the impact of CVE-2021-28209 on system security?
CVE-2021-28209 poses a significant risk as it allows remote attackers with admin permissions to manipulate sensitive files.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/asus
- canonical/asus asmb9-ikvm
- version/asus asmb9-ikvm/1.11.12
- canonical/asus asmb9-ikvm firmware
- canonical/asus rs720a-e9-rs24-e
- version/asus rs720a-e9-rs24-e/1.10.3
- canonical/asus rs720a-e9-rs24-e firmware
- canonical/asus rs700a-e9-rs4v2
- version/asus rs700a-e9-rs4v2/1.10.0
- canonical/asus rs700-e9-rs4
- version/asus rs700-e9-rs4/1.09
- canonical/asus rs700-e9-rs4 firmware
- canonical/asus esc4000 g4x firmware
- version/asus esc4000 g4x firmware/1.11.6
- canonical/asus rs700-e9-rs12
- version/asus rs700-e9-rs12/1.11.5
- canonical/asus rs100-e10-pi2
- version/asus rs100-e10-pi2/1.13.6
- canonical/asus rs300-e10-ps4
- version/asus rs300-e10-ps4/1.13.6
- canonical/asus rs300-e10-ps4 firmware
- canonical/asus rs300-e10-rs4
- version/asus rs300-e10-rs4/1.13.6
- canonical/asus rs300-e10-rs4 firmware
- canonical/asus rs500a-e9-ps4
- version/asus rs500a-e9-ps4/1.14.1
- canonical/asus rs500-e9-ps4
- canonical/asus rs500a-e9 rs4 u
- version/asus rs500a-e9 rs4 u/1.14.1
- canonical/asus rs500a-e9 rs4 u firmware
- canonical/asus e700 g4
- version/asus e700 g4/1.14.1
- canonical/asus ws c422 pro/se firmware
- version/asus ws c422 pro/se firmware/1.14.1
- canonical/asus ws c422 pro/se
- canonical/asus ws x299 pro/se firmware
- version/asus ws x299 pro/se firmware/1.14.1
- canonical/asus ws x299 pro/se
- canonical/asus z11pa-u12 firmware
- version/asus z11pa-u12 firmware/1.15.1
- canonical/asus z11pa-u12/10g-2s firmware
- version/asus z11pa-u12/10g-2s firmware/1.15.1
- canonical/asus z11pa-u12/10g-2s
- canonical/asus knpa-u16
- version/asus knpa-u16/1.13.4
- canonical/asus knpa-u16 firmware
- canonical/asus esc4000 dhd g4
- version/asus esc4000 dhd g4/1.13.7
- canonical/asus esc4000 g4
- version/asus esc4000 g4/1.15.2
- canonical/asus esc4000 g4 firmware
- canonical/asus rs720q-e9-rs24-s firmware
- version/asus rs720q-e9-rs24-s firmware/1.15.0
- canonical/asus rs720q-e9-rs8
- version/asus rs720q-e9-rs8/1.15.0
- canonical/asus rs720q-e9-rs8 firmware
- canonical/asus rs720q-e9-rs8-s
- version/asus rs720q-e9-rs8-s/1.15.0
- canonical/asus rs720q-e9-rs24-s
- canonical/asus z11pa-d8
- version/asus z11pa-d8/1.14.1
- canonical/asus z11pa-d8 firmware
- canonical/asus z11pa-d8c firmware
- version/asus z11pa-d8c firmware/1.14.1
- canonical/asus rs720-e9-rs24-u
- version/asus rs720-e9-rs24-u/1.14.3
- canonical/asus rs720-e9-rs8-g
- version/asus rs720-e9-rs8-g/1.15.2
- canonical/asus rs720-e9-rs8-g firmware
- version/asus rs500a-e9-ps4/1.15.4
- canonical/asus pro e800 g4
- version/asus pro e800 g4/1.14.2
- canonical/asus rs500-e9-rs4 firmware
- version/asus rs500-e9-rs4 firmware/1.15.4
- canonical/asus rs500-e9-rs4
- version/asus rs500-e9-rs4/1.15.4
- canonical/asus rs520-e9-rs12-e
- version/asus rs520-e9-rs12-e/1.15.3
- canonical/asus rs520-e9-rs12-e firmware
- canonical/asus rs520-e9-rs8
- version/asus rs520-e9-rs8/1.15.3
- canonical/asus rs520-e9-rs8 firmware
- canonical/asus esc8000 g4/10g firmware
- version/asus esc8000 g4/10g firmware/1.15.4
- canonical/asus esc8000 g4/10g
- version/asus rs520-e9-rs12-e firmware/1.15.2
- canonical/asus rs720-e9-rs12-e firmware
- canonical/asus ws c621e sage
- version/asus ws c621e sage/1.15.1
- canonical/asus ws c621e sage firmware
- canonical/asus rs500a-e10-ps4
- version/asus rs500a-e10-ps4/1.15.2
- canonical/asus rs500a-e10-ps4 firmware
- canonical/asus rs500a-e10-rs4
- version/asus rs500a-e10-rs4/1.15.2
- canonical/asus rs700a-e9-rs12v2
- version/asus rs700a-e9-rs12v2/1.15.1
- canonical/asus rs720a-e9-rs12v2
- version/asus rs700a-e9-rs4v2/1.15.1
- canonical/asus rs700a-e9-rs4v2 firmware
- version/asus rs720a-e9-rs12v2/1.15.2
- canonical/asus rs720a-e9-rs24v2
- version/asus rs720a-e9-rs24v2/1.15.1
- canonical/asus rs720a-e9-rs24v2 firmware
- canonical/asus z11pr-d16
- version/asus z11pr-d16/1.15.3
- canonical/asus z11pr-d16 firmware