漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
A Gain Information vulnerability was found on Download Center.
Vulnerability Description
Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. Download Center on ADM 4.0 and above will be affected. Affected products and versions include: Download Center 1.1.5.r1280 and below.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Vulnerability Type
信息暴露
Vulnerability Title
ASUSTOR Data Master 安全漏洞
Vulnerability Description
ASUSTOR Data Master是中国华硕(ASUS)公司的专属于 ASUSTOR NAS 上的操作系统,具有媲美零学习曲线的类平板图形化接口,让人一用就上手。 ASUSTOR Data Master(ADM) 4.0至4.2版本存在安全漏洞,该漏洞源于无法正确验证用户提交的文件路径。攻击可利用该漏洞对敏感文件或目录进行未授权访问操作。
CVSS Information
N/A
Vulnerability Type
N/A