CVE-2021-28194

Name of the Vulnerable Software and Affected Versions: ASUS BMC firmware (affected versions not specified)

Description: The issue arises from a specific function in the ASUS BMC's firmware Web management page, specifically in the Remote image configuration setting, which fails to verify the string length entered by users. This oversight results in a buffer overflow, allowing remote attackers to exploit the leakage and abnormally terminate the Web service after obtaining privileged permission.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.