Vulnerabilities > Asustor > ADM > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-05-31 CVE-2023-2909 Path Traversal vulnerability in Asustor ADM
EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files.
network
low complexity
asustor CWE-22
critical
10.0
2023-04-17 CVE-2023-30770 Out-of-bounds Write vulnerability in Asustor ADM 4.0.5.Rvi1/4.1.0.Rjd1
A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation.
network
low complexity
asustor CWE-787
critical
9.8