Security Advisory

CVE-2023-2909

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-31 09:26:31

Last updated 2025-01-09 21:01:20

Assigner ASUSTOR1

State PUBLISHED

Description

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.

← Browse all CVEs View on cve.org ↗