6.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.0%
A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter.
seclists.org/fulldisclosure/2018/May/2
github.com/mefulton/asustorexploit
www.purehacking.com/blog/matthew-fulton/back-to-the-future-asustor-web-exploitation