CVE-2023-30770

Summary

A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below.

Affected Software

VendorProductVersion RangeStatus
ASUSTORADM4.0 <= 4.0.6.REG2affected
ASUSTORADM4.1 <= 4.1.0.RLQ1affected
ASUSTORADM4.2 <= 4.2.0.RE71affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References