2 matches found
CVE-2018-15698
ASUSTOR Data Master (ADM) 3.1.5 and earlier: authenticated remote non-administrative users can read arbitrary files on the file system by providing the full path to loginimage.cgi. This is CVE-2018-15698 (NVD/CVE entry). The vulnerability originates from an information-disclosure flaw in ADM prio...
ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities
According to its self-reported version number, the ASUSTOR Data Master ADM web interface running on the remote web server is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities: - CVE-2018-15694: Authenticated File Upload - CVE-2018-15695: Authenticated Arbitrary File Deletion ...