VYPR
High severity8.5NVD Advisory· Published May 31, 2023· Updated Jun 17, 2026

CVE-2023-2909

CVE-2023-2909

Description

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Asustor/Admllm-fuzzy2 versions
    <=4.0.6.REG2, <=4.1.0, <=4.2.1.RGE2+ 1 more
    • (no CPE)range: <=4.0.6.REG2, <=4.1.0, <=4.2.1.RGE2
    • (no CPE)range: 4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.