Password Change Vulnerability in ASUSTOR ADM Version 3.1.1

Password Change Vulnerability in ASUSTOR ADM Version 3.1.1

CVE-2018-12315 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Missing verification of a password in ASUSTOR ADM version 3.1.1 allows attackers to change account passwords without entering the current password.

Learn more about our Web Application Penetration Testing UK.