Arbitrary File Download Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3

Arbitrary File Download Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3

CVE-2018-11344 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter.

Learn more about our Web Application Penetration Testing UK.