Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A Gain Information vulnerability was found on Download Center.
Vulnerability Description
Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. Download Center on ADM 4.0 and above will be affected. Affected products and versions include: Download Center 1.1.5.r1280 and below.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Vulnerability Type
信息暴露
Vulnerability Title
ASUSTOR Data Master 安全漏洞
Vulnerability Description
ASUSTOR Data Master是中国华硕(ASUS)公司的专属于 ASUSTOR NAS 上的操作系统,具有媲美零学习曲线的类平板图形化接口,让人一用就上手。 ASUSTOR Data Master(ADM) 4.0至4.2版本存在安全漏洞,该漏洞源于无法正确验证用户提交的文件路径。攻击可利用该漏洞对敏感文件或目录进行未授权访问操作。
CVSS Information
N/A
Vulnerability Type
N/A