CVE-2018-12314
ASUSTOR ADM 3.1.1 is affected by a directory traversal vulnerability in downloadwallpaper.cgi. The issue allows an attacker to download arbitrary files by manipulating the file and folder URL parameters. This is documented in CVE-2018-12314 (NVD entry) and corroborated by CNVD-2018-25182, which d...