Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below

Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below

CVE-2018-15698 · MEDIUM Severity

AV:N/AC:L/AU:S/C:C/I:N/A:N

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi.

Learn more about our User Device Pen Test.