Описание
A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter.
Ссылки
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до adm_3.1.0.rfq3 (включая)
Одновременно
cpe:2.3:o:asustor:as6202t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:asustor:as6202t:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00312
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter.
EPSS
Процентиль: 54%
0.00312
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22