2 matches found
CVE-2018-12316
ASUSTOR ADM is affected by OS Command Injection in upload.cgi in version 3.1.1, where an attacker can modify the filename POST parameter to execute system commands. This is documented across multiple sources (NVD CVE-2018-12316, CNVD-2018-25181, OpenVAS entry) with a CVSS base score high (3.0: 8....
CVE-2018-12316
OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands by modifying the filename POST parameter...