CVE-2018-15695

Summary

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi.

Affected Software

VendorProductVersion RangeStatus
TenableASUSTOR Data Master3.1.5 and belowaffected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References