3 matches found
CVE-2018-12312
OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secretkey" URL parameter...
CVE-2018-12312
OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secretkey" URL parameter...
CVE-2018-12312
ASUSTOR ADM 3.1.1 contains an OS command injection in user.cgi that allows an attacker to run commands as root via the secret_key URL parameter. Vulnerability is triggered through network exposure to ASUSTOR ADM's web interface, enabling arbitrary command execution with root privileges if the par...