ASUSTOR ADM OS Command Injection Vulnerability (CNVD-2018-25181)
ASUSTOR ADM is an operating system from ASUSTOR dedicated to ASUSTOR NAS storage devices. An operating system command injection vulnerability exists in the upload.cgi file in ASUSTOR ADM version 3.1.1. An attacker can exploit this vulnerability by modifying the 'filename' POST parameter to execut...