Lucene search
K

4 matches found

NVD
NVD
added 2023/05/31 10:15 a.m.20 views

CVE-2023-2909

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below...

10CVSS9AI score0.00673EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/31 9:26 a.m.7 views

CVE-2023-2909 A Directory traversal vulnerability was found on EZ Sync service of ADM

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below...

8.5CVSS7.1AI score0.00673EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/31 9:26 a.m.24 views

CVE-2023-2909 A Directory traversal vulnerability was found on EZ Sync service of ADM

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below...

8.5CVSS9.6AI score0.00673EPSS
Exploits0References1
CVE
CVE
added 2023/05/31 9:26 a.m.41 views

CVE-2023-2909

CVE-2023-2909 describes a directory traversal vulnerability in the EZ Sync service of ASUSTOR ADM. The root cause is inadequate validation of user input, allowing an attacker to navigate outside the intended directory and delete files. Affected products/versions: ADM 4.0.6.REG2, 4.1.0 and earlier...

10CVSS9.2AI score0.00673EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder