Every CVE whose affected-product data names Asustor Adm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-11510 — CVSS 9.8 (critical): The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cg…
CVE-2023-2909 — CVSS 8.5 (high): EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete…
CVE-2022-37398 — CVSS 7.1 (high): A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can…
CVE-2023-2509 — CVSS 7.1 (high): A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to…
CVE-2023-30770 — CVSS 7.1 (high): A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker…