Security Advisory

CVE-2018-15694

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-08-27 14:00:00

Last updated 2024-09-16 17:48:48

Assigner tenable

State PUBLISHED

Description

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the "Web Server" feature is enabled.

← Browse all CVEs View on cve.org ↗