 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.141755 |
| Kategorie: | Web application abuses |
| Titel: | ASUSTOR ADM < 3.1.3.RHU2 Multiple Vulnerabilities |
| Zusammenfassung: | ASUSTOR ADM is prone to multiple vulnerabilities. |
| Beschreibung: | Summary: ASUSTOR ADM is prone to multiple vulnerabilities. Vulnerability Insight: ASUSTOR ADM is prone to multiple vulnerabilities: - Cross-Site Scripting via SVG Images (CVE-2018-12305) - Directory Traversal via download.cgi (CVE-2018-12306) - Command Injection in user.cgi (CVE-2018-12307) - Shared Folder Encryption Key Sent as URL Parameter (CVE-2018-12308) - Directory Traversal via upload.cgi (CVE-2018-12309) - Cross-Site Scripting on Login page (CVE-2018-12310) - Missing Input Sanitization on File Explorer filenames (CVE-2018-12311) - Missing Input Sanitization on File Explorer filenames (CVE-2018-12311) - Unauthenticated Command Injection in SNMP API (CVE-2018-12313) - Directory Traversal via downloadwallpaper.cgi (CVE-2018-12314) - Password Change Does Not Require Existing Password (CVE-2018-12315) - Command Injection in upload.cgi (CVE-2018-12316) - Command Injection in group.cgi (CVE-2018-12317) - snmp.cgi Returns Password in Cleartext (CVE-2018-12318) - Login Denial of Service (CVE-2018-12319) Affected Software/OS: ASUSTOR ADM prior to 3.1.3.RHU2. Solution: Update to version 3.1.3.RHU2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-12305 Common Vulnerability Exposure (CVE) ID: CVE-2018-12306 Common Vulnerability Exposure (CVE) ID: CVE-2018-12307 Common Vulnerability Exposure (CVE) ID: CVE-2018-12308 Common Vulnerability Exposure (CVE) ID: CVE-2018-12309 Common Vulnerability Exposure (CVE) ID: CVE-2018-12310 Common Vulnerability Exposure (CVE) ID: CVE-2018-12311 Common Vulnerability Exposure (CVE) ID: CVE-2018-12312 Common Vulnerability Exposure (CVE) ID: CVE-2018-12313 Common Vulnerability Exposure (CVE) ID: CVE-2018-12314 Common Vulnerability Exposure (CVE) ID: CVE-2018-12315 Common Vulnerability Exposure (CVE) ID: CVE-2018-12316 Common Vulnerability Exposure (CVE) ID: CVE-2018-12317 Common Vulnerability Exposure (CVE) ID: CVE-2018-12318 Common Vulnerability Exposure (CVE) ID: CVE-2018-12319 |
| Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |