17 matches found
CVE-2026-3179
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write files outside the intended backup directory. A path...
CVE-2026-3100
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
CVE-2026-3179
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write files outside the intended backup directory. A path...
CVE-2026-3100
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
CVE-2026-3100
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
CVE-2026-3179
The CVE describes a Path Traversal in ASUSTOR ADM FTP Backup on Linux platforms (x86, ARM, 64‑bit). The vulnerability arises from improper limitation of a pathname to a restricted directory, enabling unauthorized access via the network. Affected ADM versions are 4.1.0 through 4.3.3.ROF1, and 5.0....
CVE-2026-3100
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
CVE-2026-3100 An improper certificate validation vulnerability was found in the FTP Backup on the ADM.
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
CVE-2026-3100 An improper certificate validation vulnerability was found in the FTP Backup on the ADM.
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...
ASUSTOR ADM 安全漏洞
ASUSTOR ADM is a dedicated operating system developed by ASUSTOR Technology ASUSTOR for all ASUSTOR NAS devices. Vulnerabilities exist in versions 4.1.0 to 4.3.3.ROF1, and from 5.0.0 to 5.1.2.RE51 of ASUSTOR ADM. These vulnerabilities stem from the FTP backup feature not properly verifying TLS...
CVE-2025-11759
The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the XclonerRemoteStorage:save function. This makes it possible for...
CVE-2025-11759
The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the XclonerRemoteStorage:save function. This makes it possible for...
CVE-2025-11759 Backup, Restore and Migrate your sites with XCloner <= 4.8.2 - Cross-Site Request Forgery in Xcloner_Remote_Storage:save()
The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the XclonerRemoteStorage:save function. This makes it possible for...
PT-2025-49185
The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the Xcloner Remote Storage:save function. This makes it possible for...
EUVD-2015-3655
Malware in sbrugna...
CVE-2015-3613
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page...
CVE-2015-3613
FortiManager VM and FortiManager appliances with versions 5.2.1 and earlier, and 5.0.10 and earlier, expose a privilege management vulnerability in the WebUI FTP backup page. The issue, confirmed by multiple sources, can be exploited to compromise confidentiality, integrity, and availability of t...