Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to navigate the file system via the filename parameter.
asustor as6202t_firmware