CNNVD-202602-492 Information

CNNVD ID

CNNVD-202602-492

Related CVE

CVE-2026-24936

• CNNVD Published: 2026-02-03

Description (Chinese)

ASUSTOR ADM是中国华芸科技（ASUSTOR）公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.ROF1版本和5.0.0版本至5.1.1.RCI1版本存在安全漏洞，该漏洞源于特定CGI程序输入参数验证不当，可能导致未经认证的远程攻击者向系统任意文件写入任意数据。

Description (English)

SUSTOR ADM is a specialized operating system for all ASUSTOR NAS equipment of the Chinese company SUSTOR. There is a security loophole between ASUSTOR ADM 4.1.0 and 4.3.3.ROF1 and between 5.0.0 and 5.1.1.RCI1 that stems from the incorrect verification of input parameters of a specific CGI programme, which may result in unauthorized remote assailants writing arbitrary data into any document of the system.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

华芸科技

Published

2026-02-03

Last Modified

2026-02-24

References

https://www.asustor.com/security/security_advisory_detail?id=51

Patch

https://www.asustor.com/security/security_advisory_detail?id=51