📦 Data Master
by Asustor
🔍 What is Data Master?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
An unauthenticated remote attacker can write arbitrary data to any file on Asustor ADM systems when a specific function is enabled during AD Domain joining. This allows complete system compromise by o...
This path traversal vulnerability in ASUSTOR ADM FTP Backup allows attackers to access files outside the intended directory by manipulating file paths. It affects ASUSTOR NAS devices running ADM versi...
An arbitrary file movement vulnerability in ASUSTOR Data Master (ADM) allows attackers to exploit the file renaming feature to move files to unintended directories. This affects ADM versions 4.0.6.RIS...
An Improper Privilege Management vulnerability in ASUSTOR Data Master (ADM) allows unprivileged local users to modify storage device configurations. This affects ADM versions 4.0.6.RIS1, 4.1.0 and bel...
This CVE describes a command injection vulnerability in ASUSTOR Data Master (ADM) printer service that allows remote unauthorized attackers to execute arbitrary commands on affected systems. The vulne...
This CVE describes a path traversal vulnerability in ASUSTOR ADM printer service that allows remote unauthenticated attackers to delete files outside intended directories. Affected systems include ASU...
This vulnerability allows attackers to perform Man-in-the-Middle attacks on DDNS update communications by exploiting improper TLS/SSL certificate validation. Attackers can intercept sensitive informat...
This vulnerability allows unauthenticated remote attackers to perform Man-in-the-Middle attacks by intercepting HTTPS communications due to improper SSL/TLS certificate validation. It affects ASUSTOR ...
This vulnerability allows a Man-in-the-Middle attacker to intercept or redirect NAT tunnel establishment due to improper SSL/TLS certificate validation in a third-party NAT traversal module. While sub...
This vulnerability allows attackers to perform man-in-the-middle attacks against SMTP email notifications in ASUSTOR ADM systems by exploiting improper TLS/SSL certificate validation in msmtp. Sensiti...
This CVE describes an insecure DDNS implementation in ASUSTOR ADM software where HTTP connections lack SSL/TLS certificate validation. Unauthenticated attackers can perform MitM attacks to spoof WAN I...
This vulnerability allows man-in-the-middle attackers to intercept and potentially modify communications between ASUSTOR NAS devices and UPS servers due to improper TLS certificate validation. Attacke...