CVE-2018-15694
N/A
N/A
Summary
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the "Web Server" feature is enabled.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Tenable | ASUSTOR Data Master | 3.1.5 and below | affected |
Weaknesses
- Arbitrary File Upload
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.