Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asustor as6202t firmware vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2018-11342
A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter.
Asustor As6202t Firmware
8.8
CVSSv3
CVE-2018-11345
An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that can then be executed. Further, the ...
Asustor As6202t Firmware
7.2
CVSSv3
CVE-2018-11340
An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed.
Asustor As6202t Firmware
7.2
CVSSv3
CVE-2018-11341
Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to navigate the file system via the filename parameter.
Asustor As6202t Firmware
6.5
CVSSv3
CVE-2018-11344
A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a file on the system to download via the file1 parameter.
Asustor As6202t Firmware
4.3
CVSSv3
CVE-2018-11346
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter.
Asustor As6202t Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started