ASUSTOR DataSync Center Security Bypass Vulnerability Allowing Reverse Tabnabbing

Vulnerability

A security bypass vulnerability in ASUSTOR DataSync Center affects 1.1.0 versions prior to 1.1.0.r207 and 1.2.0 versions prior to 1.2.0.r206, and allows Reverse Tabnabbing. In this type of phishing attack, the attacker manipulates the content of the user's original tab, which can lead to credential theft and other security risks.

Impact

Successful exploitation results in a security bypass that permits Reverse Tabnabbing attacks: the content of the user's original tab is manipulated, with the potential for credential theft and other security risks.

Remediation

Users can upgrade to DataSync Center 1.1.0.r208 or above for ADM 4.x, or to version 1.2.0.r207 or above for ADM 5.0 and above.
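
For teams auditing their own web interfaces for the same class of issue, the added example below (not ASUSTOR's code and not part of the advisory, which does not say which link in DataSync Center is affected) flags links and forms that open a new browsing context without rel="noopener" or rel="noreferrer". The function names and the sample markup are constructed for illustration.

```javascript
// Added example: flag links and forms that open a new browsing context
// without rel="noopener" or rel="noreferrer", leaving window.opener exposed.
// Current browsers imply noopener for target="_blank"; an explicit rel also
// covers older browsers and named targets, which get no such default.
// Regex scanning is a simplification; use a real HTML parser in production.

const TAG_RE = /<(a|area|form)\b(?:"[^"]*"|'[^']*'|[^'">])*>/gi;
const ATTR_RE = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
const SAME_CONTEXT = new Set(["", "_self", "_parent", "_top"]);

// Parse the attributes of one opening tag into a lowercase-keyed object.
function parseAttrs(tag) {
  const attrs = {};
  const body = tag.replace(/^<\s*[a-z]+/i, "").replace(/\/?>$/, "");
  for (const m of body.matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    // The first occurrence of a duplicated attribute wins, as in browsers.
    if (!(name in attrs)) attrs[name] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// Return one finding per tag that opens a new context with opener access.
function findOpenerExposure(html) {
  const findings = [];
  for (const m of html.matchAll(TAG_RE)) {
    const attrs = parseAttrs(m[0]);
    const target = (attrs.target ?? "").trim().toLowerCase();
    if (SAME_CONTEXT.has(target)) continue; // stays in the current tab
    const rel = (attrs.rel ?? "").toLowerCase().split(/\s+/).filter(Boolean);
    if (rel.includes("noopener") || rel.includes("noreferrer")) continue;
    const url = attrs.href ?? attrs.action ?? "";
    findings.push({ element: m[1].toLowerCase(), target, url });
  }
  return findings;
}

// Constructed sample markup (not taken from DataSync Center).
const SAMPLE = `
<a href="https://example.org/help" target="_blank">Help</a>
<a href="https://example.org/docs" target="_blank" rel="noopener noreferrer">Docs</a>
<a href="/settings">Settings</a>
<A HREF='https://example.net/x' TARGET=report REL="nofollow">Report</A>
<form action="https://example.com/go" target="_blank"></form>
`;

console.log(findOpenerExposure(SAMPLE));
```

Each finding is a candidate for adding rel="noopener noreferrer" to the element, or for removing the target attribute where a new tab is not needed.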

Added: Jul 9, 2025, 9:16 AM
Updated: Jul 9, 2025, 9:16 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.