CVE-2022-37398

A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:asustor:adm:*:*:*:*:*:*:*:*
cpe:2.3:a:asustor:adm:*:*:*:*:*:*:*:*
cpe:2.3:a:asustor:adm:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:14

Type Values Removed Values Added
References () https://www.asustor.com/security/security_advisory_detail?id=12 - Vendor Advisory () https://www.asustor.com/security/security_advisory_detail?id=12 - Vendor Advisory
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 7.1

Information

Published : 2022-08-05 17:15

Updated : 2024-11-21 07:14


NVD link : CVE-2022-37398

Mitre link : CVE-2022-37398

CVE.ORG link : CVE-2022-37398


JSON object : View

Products Affected

asustor

  • adm
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write