CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-12308

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encrypt_key" URL parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc
https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc

Products affected by CVE-2018-12308

Asustor » As602t » Version: N/A

cpe:2.3:h:asustor:as602t:-
Asustor » Data Master » Version: 3.1.1

cpe:2.3:o:asustor:data_master:3.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12308

Products

Pricing

Contact Us