CVE-2018-11340
CVE-2018-11340 concerns an unrestricted file upload in ASUSTOR AS6202T ADM 3.1.0.RFQ3, specifically the importuser.cgi endpoint. The underlying issue is that the program accepts an uploaded file and saves it with a user-supplied filename, enabling an attacker to place attacker-controlled code on ...