Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adm vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-2909
EZ Sync service fails to adequately handle user input, allowing an malicious user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.
Asustor Adm
10
CVSSv3
CVE-2020-6287
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
1 Metasploit module
9 Github repositories
2 Articles
10
CVSSv3
CVE-2019-9548
Citrix Application Delivery Management (ADM) 12.1.x prior to 12.1.50.33 has Incorrect Access Control.
Citrix Application Delivery Management
9.8
CVSSv3
CVE-2023-38029
Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands o...
Saho Adm-100 Firmware 0.0.4.0
Saho Adm-100 Firmware 0.0.4.3
Saho Adm-100 Firmware 0.0.4.6
Saho Adm-100 Firmware 0.0.4.8
Saho Adm-100 Firmware Q20100602
Saho Adm-100 Firmware T190
Saho Adm-100 Firmware T17041702
Saho Adm-100 Firmware T18051803
Saho Adm-100fp Firmware Q20100602
Saho Adm-100fp Firmware T190
Saho Adm-100fp Firmware T17041702
Saho Adm-100fp Firmware T18051803
9.8
CVSSv3
CVE-2023-24796
Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 and before allows a remote malicious user to execute arbitrary code via the password parameter at the /goform/sysTools and /adm/systools.asp endpoints.
Vinga Wr-ac1200 Firmware
9.8
CVSSv3
CVE-2023-30770
A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 a...
Asustor Adm
9.8
CVSSv3
CVE-2021-34111
Thecus 4800Eco exists to contain a command injection vulnerability via the username parameter in /adm/setmain.php.
Thecus N4800eco Firmware -
9.8
CVSSv3
CVE-2021-44620
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
Totolink A3100r Firmware
9.8
CVSSv3
CVE-2020-10582
A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) up to and including 5.0 allows remote malicious users to execute arbitrary SQL requests (including data reading and modification) on the database.
Invigo Automatic Device Management
9.8
CVSSv3
CVE-2018-12313
OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows malicious users to execute system commands without authentication via the "rocommunity" URL parameter.
Asustor Data Master 3.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »