CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-15694

HIGH
7.5
CVSS Severity Score
EPSS Score0.0920%
EPSS Percentile23.90th
Published2018年8月27日
Last Modified2024年11月21日

Vulnerability Description

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the "Web Server" feature is enabled.

Affected Platforms (CPE)

💻
Asustor

Data Master

<= 3.1.5

References & Advisories

🔗 https://www.tenable.com/security/research/tra-2018-22
🔗 https://www.tenable.com/security/research/tra-2018-22

相关漏洞威胁

CVE-2006-027010.0

Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspeci...

CVE-2008-096010.0

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) e...

CVE-2017-1447210.0

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...

CVE-2017-144669.8

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...

CVE-2018-15694 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space