Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-2909

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.0%
CVSS Severity
CVSS v3 Score 8.5
Products affected by CVE-2023-2909
  • Asustor » Adm » Version: 4.0.0
    cpe:2.3:a:asustor:adm:4.0.0
  • Asustor » Adm » Version: 4.0.0.rib4
    cpe:2.3:a:asustor:adm:4.0.0.rib4
  • Asustor » Adm » Version: 4.0.5.rvi1
    cpe:2.3:a:asustor:adm:4.0.5.rvi1
  • Asustor » Adm » Version: 4.0.6
    cpe:2.3:a:asustor:adm:4.0.6
  • Asustor » Adm » Version: 4.0.6.reg2
    cpe:2.3:a:asustor:adm:4.0.6.reg2
  • Asustor » Adm » Version: 4.1.0
    cpe:2.3:a:asustor:adm:4.1.0
  • Asustor » Adm » Version: 4.1.0.rhu2
    cpe:2.3:a:asustor:adm:4.1.0.rhu2
  • Asustor » Adm » Version: 4.1.0.rjd1
    cpe:2.3:a:asustor:adm:4.1.0.rjd1
  • Asustor » Adm » Version: 4.1.0rlq1
    cpe:2.3:a:asustor:adm:4.1.0rlq1
  • Asustor » Adm » Version: 4.2.0
    cpe:2.3:a:asustor:adm:4.2.0
  • Asustor » Adm » Version: 4.2.1
    cpe:2.3:a:asustor:adm:4.2.1
  • Asustor » Adm » Version: 4.2.1.rge2
    cpe:2.3:a:asustor:adm:4.2.1.rge2


Products
Pricing
Contact Us

Shodan ® - All rights reserved