Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below

Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below

CVE-2018-15697 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path. For example, /home/admin/.ash_history.

Learn more about our User Device Pen Test.