ASUSTOR ADM 3.1.1 Share.cgi Encryption Key Disclosure Vulnerability

ASUSTOR ADM 3.1.1 Share.cgi Encryption Key Disclosure Vulnerability

CVE-2018-12308 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encrypt_key" URL parameter.

Learn more about our Web Application Penetration Testing UK.