Vulnerabilities > Asustor > As602T > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-04 | CVE-2018-12307 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter. | 9.0 |
| 2018-12-04 | CVE-2018-12312 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter. | 9.0 |
| 2018-12-04 | CVE-2018-12313 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands without authentication via the "rocommunity" URL parameter. | 10.0 |
| 2018-12-04 | CVE-2018-12316 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands by modifying the filename POST parameter. | 9.0 |