CVE-2018-12312

2018-12-04T17:29:00
ID CVE-2018-12312
Type cve
Reporter cve@mitre.org
Modified 2018-12-20T20:23:00

Description

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter.