漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
A Command injection vulnerability was found on Printer service of ADM
Vulnerability Description
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
ASUSTOR Data Master 路径遍历漏洞
Vulnerability Description
ASUSTOR Data Master是中国华硕(ASUS)公司的专属于 ASUSTOR NAS 上的操作系统,具有媲美零学习曲线的类平板图形化接口,让人一用就上手。 ASUSTOR Data Master存在安全漏洞,该漏洞源于Printer服务允许攻击者导航到其他目录并创建文件。受影响的产品和版本:ASUSTOR Data Master 4.0.6.RIS1版本,4.1.0及之前版本,4.2.2.RI61及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A