Vulnerabilities > Asustor > Data Master > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-08-27 CVE-2018-15696 Information Exposure vulnerability in Asustor Data Master
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to enumerate all user accounts via user.cgi.
network
low complexity
asustor CWE-200
4.3
2018-08-27 CVE-2018-15695 Path Traversal vulnerability in Asustor Data Master
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi.
network
low complexity
asustor CWE-22
6.5