Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asustor vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-11344
A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a file on the system to download via the file1 parameter.
Asustor As6202t Firmware
4.3
CVSSv3
CVE-2018-11346
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter.
Asustor As6202t Firmware
7.5
CVSSv3
CVE-2023-2749
Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. Download Center on ADM 4.0 and above will be affecte...
Asustor Download Center
8.8
CVSSv3
CVE-2022-37398
A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0...
Asustor Adm
9.8
CVSSv3
CVE-2023-30770
A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 a...
Asustor Adm
8.8
CVSSv3
CVE-2023-2910
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and ...
Asustor Data Master
5.5
CVSSv3
CVE-2023-4475
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an malicious user to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61...
Asustor Data Master
8.8
CVSSv3
CVE-2018-12318
Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows malicious users to obtain the SNMP password in cleartext.
Asustor Data Master 3.1.1
6.5
CVSSv3
CVE-2018-15695
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi.
Asustor Data Master
8.8
CVSSv3
CVE-2023-3697
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
Asustor Data Master
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »