Primary

Context

ASUSTOR ADM Improper Input Validation Vulnerability Allowing Arbitrary Configuration Injection

Vulnerability

Patched

A vulnerability in ASUSTOR ADM versions 4.1.0 and prior, as well as 4.3.1.R5A1 and prior, allows improper input validation that could lead to the injection of arbitrary values into the NAS configuration file. This vulnerability could cause system misconfigurations, disrupt the file's format, and result in unexpected behavior from the NAS.

Impact

Exploitation of this vulnerability could lead to system misconfiguration, causing the NAS to behave unexpectedly.

Remediation

Users can upgrade to ASUSTOR ADM 4.3.1.R6C1 or above to address this vulnerability.

Added: Jul 9, 2025, 7:17 AM

Updated: Jul 9, 2025, 9:27 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

4.8

remediation

7.7

relevance

0.2

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

4.8

remediation

7.7

relevance

0.2

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASUSTOR ADM Improper Input Validation Vulnerability Allowing Arbitrary Configuration Injection

Vulnerability

Impact

Remediation

Affected Products

ASUSTOR ADM

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating