Unauthenticated Remote Code Execution Vulnerability in ASUSTOR ADM 3.1.0.RFQ3 NAS Portal
CVE-2018-11510 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
Learn more about our Api Penetration Testing.