Unrated severityNVD Advisory· Published Feb 25, 2026· Updated Feb 25, 2026
A path traversal vulnerability was found in the FTP Backup on the ADM.
CVE-2026-3179
Description
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write files outside the intended backup directory. A path traversal vulnerability may allow an attacker to overwrite arbitrary files on the system and potentially achieve privilege escalation or remote code execution. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- www.asustor.com/security/security_advisory_detailmitrevendor-advisory
News mentions
0No linked articles in our index yet.