VulnCheck KEV: CVE-2018-11510

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecatejs.cgi file by embedding OS commands in the 'script' parameter...

ASURTOR NAS ADM Remote Command Execution Vulnerability

ASUSTOR Data Master ADM is a dedicated operating system for ASUSTOR NAS with a tablet-like graphical interface comparable to a zero learning curve. A remote command execution vulnerability exists in ASUSTOR NAS ADM. Because the application does not strictly filter user input, an unauthenticated...

CVE-2018-11510

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecatejs.cgi file by embedding OS commands in the 'script' parameter...

CVE-2018-11510

Summary (CVE-2018-11510) : ASUSTOR ADM NAS (3.1.0.RFQ3 and related builds) is vulnerable to an unauthenticated remote command injection in portal/apis/aggrecate_js.cgi via the script parameter. This leads to a remote code execution with high impact (CVSS v3.0: CRITICAL, 9.8; NETWORK, LOW UX, Priv...

CVE-2018-11510

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecatejs.cgi file by embedding OS commands in the 'script' parameter...