CVE-2023-30770

Published: Apr 17, 2023Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below.

Affected (2)

Products: Asustor: Adm

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Asustor Adm	From 4.0.0.rib4 to 4.0.6.reg2
Asustor Adm	From 4.1.0.rhu2 to 4.2.1.rge2

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.asustor.com/security/security_advisory_detail?id=21

Source: security@asustor.com

Vendor Advisory

https://www.asustor.com/security/security_advisory_detail?id=21

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.