Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asustor adm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-12319
Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows malicious users to prevent users from signing in by placing malformed text in the title.
Asustor Data Master 3.1.1
7.2
CVSSv3
CVE-2018-11340
An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed.
Asustor As6202t Firmware
7.2
CVSSv3
CVE-2018-11341
Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to navigate the file system via the filename parameter.
Asustor As6202t Firmware
6.5
CVSSv3
CVE-2018-12308
Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows malicious users to obtain the encryption key via the "encrypt_key" URL parameter.
Asustor Data Master 3.1.1
6.5
CVSSv3
CVE-2018-12315
Missing verification of a password in ASUSTOR ADM version 3.1.1 allows malicious users to change account passwords without entering the current password.
Asustor Data Master 3.1.1
6.5
CVSSv3
CVE-2018-11344
A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a file on the system to download via the file1 parameter.
Asustor As6202t Firmware
6.1
CVSSv3
CVE-2023-2509
A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that...
Asustor Adm 4.0.0
Asustor Soundsgood 2.3.0
Asustor Looksgood 2.0.0
Asustor Adm 4.0.6
Asustor Adm 4.1.0
Asustor Adm 4.2.1
6.1
CVSSv3
CVE-2018-12305
Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 allows malicious users to execute JavaScript by uploading SVG images with embedded JavaScript.
Asustor Data Master 3.1.1
5.5
CVSSv3
CVE-2023-3699
An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
Asustor Data Master
5.5
CVSSv3
CVE-2023-4475
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an malicious user to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61...
Asustor Data Master
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »