CVE-2018-15698

Summary

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi.

Affected Software

VendorProductVersion RangeStatus
TenableASUSTOR Data Master3.1.5 and belowaffected

Weaknesses

  • Insufficient Protections

ADP Enrichment

CVE Program Container

Additional References

References