Lucene search
+L

7 matches found

nvd
nvd
added 2023/08/22 7:16 p.m.23 views

CVE-2023-4475

An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master ADM allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below...

7.5CVSS7.5AI score0.00159EPSS
Exploits0References1
prion
prion
added 2023/08/22 7:16 p.m.22 views

Privilege escalation

An Improper Privilege Management vulnerability was found in ASUSTOR Data Master ADM allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below...

1.7CVSS5.3AI score0.00145EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/08/22 9:2 a.m.11 views

CVE-2023-4475 An Arbitrary File Movement vulnerability was found on the ADM

An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master ADM allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below...

7.5CVSS6.8AI score0.00159EPSS
Exploits0References1
prion
prion
added 2023/08/17 10:15 a.m.25 views

Command injection

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in Printer service functionality in ASUSTOR Data Master ADM allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS...

6.5CVSS8.9AI score0.01341EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/08/17 9:33 a.m.50 views

CVE-2023-3697

CVE-2023-3697 affects ASUSTOR ADM printers: the printer service fails to properly validate user input, enabling remote unauthorized users to traverse directories and create files beyond the intended path. Affected products/versions include ADM 4.0.6.RIS1, 4.1.0 and earlier, and ADM 4.2.2.RI61 and...

8.8CVSS8.5AI score0.00549EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/08/17 9:25 a.m.14 views

CVE-2023-2910 A Command injection vulnerability was found on Printer service of ADM

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in Printer service functionality in ASUSTOR Data Master ADM allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS...

8.8CVSS7.9AI score0.01341EPSS
Exploits0References1
cve
cve
added 2023/08/17 9:25 a.m.47 views

CVE-2023-2910

CVE-2023-2910 affects ASUSTOR Data Master (ADM) Printer service. The root cause is improper neutralization of special elements used in a command (command injection) which enables remote, unauthenticated abuse to execute arbitrary commands. Affected ADM versions include 4.0.6.RIS1, 4.1.0 and below...

8.8CVSS9.1AI score0.01341EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder