An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed.
Add your gear to cvedb and we'll alert you only when asustor ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.