2 matches found
CVE-2018-15695
ASUSTOR Data Master (ADM) is affected in versions 3.1.5 and earlier due to a path traversal vulnerability in wallpaper.cgi. The issue allows authenticated remote non-administrative users to delete arbitrary files on the file system. Root cause: path traversal in wallpaper.cgi. Impact per sources:...
ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities
According to its self-reported version number, the ASUSTOR Data Master ADM web interface running on the remote web server is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities: - CVE-2018-15694: Authenticated File Upload - CVE-2018-15695: Authenticated Arbitrary File Deletion ...