Unrated severityNVD Advisory· Published May 31, 2023· Updated Jan 9, 2025

A Directory traversal vulnerability was found on EZ Sync service of ADM

CVE-2023-2909

Description

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.

Affected products

Asustor/Admcpe-rescue
Range: 4.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.asustor.com/security/security_advisory_detailmitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000