Vulnerabilities > Asustor > As602T
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-04 | CVE-2018-12308 | Information Exposure vulnerability in Asustor Data Master 3.1.1 Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encrypt_key" URL parameter. | 4.0 |
2018-12-04 | CVE-2018-12307 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter. | 9.0 |
2018-12-04 | CVE-2018-12306 | Path Traversal vulnerability in Asustor Data Master 3.1.1 Directory Traversal in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to view arbitrary files by modifying the "file1" URL parameter, a similar issue to CVE-2018-11344. | 5.0 |