CVE-2018-15697

MEDIUM

6.5

CVSS Severity Score

EPSS Score0.1250%

EPSS Percentile39.11th

PublishedAug 27, 2018

Last ModifiedNov 21, 2024

Vulnerability Description

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path. For example, /home/admin/.ash_history.

Affected Platforms (CPE)

💻

Asustor

Data Master

<= 3.1.5

References & Advisories

🔗 https://www.tenable.com/security/research/tra-2018-22

Related Vulnerabilities

CVE-2006-027010.0

Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspeci...

CVE-2008-096010.0

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) e...

CVE-2017-1447210.0

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...

CVE-2017-144669.8

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...