Filtered by vendor Asustor
Subscriptions
Filtered by product Data Master
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-12314 | 1 Asustor | 2 As602t, Data Master | 2024-08-05 | N/A |
Directory Traversal in downloadwallpaper.cgi in ASUSTOR ADM version 3.1.1 allows attackers to download arbitrary files by manipulating the "file" and "folder" URL parameters. | ||||
CVE-2023-4475 | 1 Asustor | 1 Data Master | 2024-08-02 | 7.5 High |
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | ||||
CVE-2023-3698 | 1 Asustor | 1 Data Master | 2024-08-02 | 8.5 High |
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | ||||
CVE-2023-3697 | 1 Asustor | 1 Data Master | 2024-08-02 | 8.5 High |
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | ||||
CVE-2023-3699 | 1 Asustor | 1 Data Master | 2024-08-02 | 8.7 High |
An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | ||||
CVE-2023-2910 | 1 Asustor | 1 Data Master | 2024-08-02 | 8.8 High |
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. |