Vulnerabilities (CVE)

Filtered by vendor Asus Subscribe
Filtered by product Nas-m25 Firmware
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4221 1 Asus 2 Nas-m25, Nas-m25 Firmware 2024-11-21 N/A 9.8 CRITICAL
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.