Lucene search
K

8 matches found

CNVD
CNVD
added 2023/08/30 12:0 a.m.15 views

ASUSTOR Data Master Authorization Issues Vulnerability

ASUSTOR Data Master is a specialized operating system on ASUSTOR NAS from ASUS, China. An authorization issue vulnerability exists in ASUSTOR Data Master, which arises from improper privilege management and can be exploited by an unprivileged local attacker to modify the storage device...

8.7CVSS6.6AI score0.00145EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/02/24 12:34 p.m.31 views

Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices

ASUSTOR network-attached storage NAS devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. In response to the infections, the company has released firmware updates ADM 4.0.4.RQO2 to "fix related security issues." The...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/12/05 12:0 a.m.4 views

ASUSTOR ADM Path Traversal Vulnerability

ASUSTOR ADM is an operating system from ASUSTOR dedicated to ASUSTOR NAS storage devices. A directory traversal vulnerability exists in the downloadwallpaper.cgi file in ASUSTOR ADM version 3.1.1. An attacker can exploit this vulnerability by manipulating the 'file' and 'folder' URL parameters to...

7.8CVSS7.9AI score0.02309EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/21 12:0 a.m.3 views

ASUSTOR ADM Remote Command Execution Vulnerability

ASUSTOR ADM is an operating system from ASUSTOR dedicated to ASUSTOR NAS storage devices. A security vulnerability exists in ASUSTOR ADM version 3.1.0.RFQ3, which stems from the program using the same default username and password as the NAS. An attacker could exploit the vulnerability to log in...

9.8CVSS9.7AI score0.12573EPSS
Exploits5References1
NVD
NVD
added 2018/06/28 2:29 p.m.13 views

CVE-2018-11510

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecatejs.cgi file by embedding OS commands in the 'script' parameter...

9.8CVSS9.9AI score0.4476EPSS
Exploits9References5
OSV
OSV
added 2018/05/22 1:29 a.m.3 views

CVE-2018-11345

An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that can then be executed. Further, the filename parameter is...

8.8CVSS5.9AI score0.01925EPSS
Exploits1References3
CNVD
CNVD
added 2018/05/22 12:0 a.m.2 views

ASUSTOR AS6202T ADM path traversal vulnerability (CNVD-2018-10308)

ASUSTOR AS6202T ADM is a dedicated operating system for ASUSTOR NAS storage devices from ASUSTOR. A path traversal vulnerability exists in the fileExplorer.cgi file in ASUSTOR AS6202T ADM version 3.1.0.RFQ3. An attacker can exploit this vulnerability to create arbitrary folders with the help of t...

4.3CVSS7AI score0.01131EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

ASUSTOR AS6202T ADM Path Traversal Vulnerability

ADM ASUSTOR Data Manager is the operating system and user interface for ASUSTOR NAS. A path traversal vulnerability exists in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3. An attacker can exploit this vulnerability to arbitrarily specify a file on the system to download via the file1 parameter...

6.5CVSS6.6AI score0.01452EPSS
Exploits1References1
Rows per page
Query Builder