Arbitrary File Download Vulnerability in ASUSTOR ADM version 3.1.1

Arbitrary File Download Vulnerability in ASUSTOR ADM version 3.1.1

CVE-2018-12314 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

Directory Traversal in downloadwallpaper.cgi in ASUSTOR ADM version 3.1.1 allows attackers to download arbitrary files by manipulating the "file" and "folder" URL parameters.

Learn more about our Web Application Penetration Testing UK.