Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Asustor Subscribe
Filtered by product Asustor Data Master
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11511 1 Asustor 1 Asustor Data Master 2024-11-21 7.5 HIGH 9.8 CRITICAL
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI.
CVE-2018-11509 1 Asustor 1 Asustor Data Master 2024-11-21 7.5 HIGH 9.8 CRITICAL
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024