Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-11510

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.905
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
Products affected by CVE-2018-11510
  • Asustor » Adm » Version: 2.5.4.rf42
    cpe:2.3:a:asustor:adm:2.5.4.rf42
  • Asustor » Adm » Version: 2.6.0.r4r1
    cpe:2.3:a:asustor:adm:2.6.0.r4r1
  • Asustor » Adm » Version: 2.6.2.r6l2
    cpe:2.3:a:asustor:adm:2.6.2.r6l2
  • Asustor » Adm » Version: 2.6.3.r713
    cpe:2.3:a:asustor:adm:2.6.3.r713
  • Asustor » Adm » Version: 2.7.1.rft5
    cpe:2.3:a:asustor:adm:2.7.1.rft5
  • Asustor » Adm » Version: 2.7.2.rhi1
    cpe:2.3:a:asustor:adm:2.7.2.rhi1
  • Asustor » Adm » Version: 2.7.3.rhq3
    cpe:2.3:a:asustor:adm:2.7.3.rhq3
  • Asustor » Adm » Version: 2.7.3.ri21
    cpe:2.3:a:asustor:adm:2.7.3.ri21
  • Asustor » Adm » Version: 3.0.0.r8n2
    cpe:2.3:a:asustor:adm:3.0.0.r8n2
  • Asustor » Adm » Version: 3.0.1.r9j2
    cpe:2.3:a:asustor:adm:3.0.1.r9j2
  • Asustor » Adm » Version: 3.0.2.ra22
    cpe:2.3:a:asustor:adm:3.0.2.ra22
  • Asustor » Adm » Version: 3.0.3.rai4
    cpe:2.3:a:asustor:adm:3.0.3.rai4
  • Asustor » Adm » Version: 3.0.4.rcq1
    cpe:2.3:a:asustor:adm:3.0.4.rcq1
  • Asustor » Adm » Version: 3.0.5.rdu1
    cpe:2.3:a:asustor:adm:3.0.5.rdu1
  • Asustor » Adm » Version: 3.1.0.rfq3
    cpe:2.3:a:asustor:adm:3.1.0.rfq3
  • Asustor » Adm » Version: 3.1.1.rgg1
    cpe:2.3:a:asustor:adm:3.1.1.rgg1
  • Asustor » Adm » Version: 3.1.2.rhg1
    cpe:2.3:a:asustor:adm:3.1.2.rhg1


Products
Pricing
Contact Us

Shodan ® - All rights reserved