An improper input validation vulnerability was found on manipulating configuration of ADM

July 9, 2025 invoker category_cve

CVE Details

Basic Information

Title An improper input validation vulnerability was found on manipulating configuration of ADM
Type cve
Published 2025-07-09T07:06:08.150Z
Modified 2025-07-09T07:09:11.228Z

Product Information

Vendor ASUSTOR
Product ADM
Version 4.1

CVSS Information

Base Score 6.0 (MEDIUM)
Attack Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/R:U/U:Amber

Affected Products

  • ASUSTOR ADM 4.1

Additional Information

CWE List CWE-20
Source ASUSTOR1

Description

Improper Input Validation vulnerability

allows injecting arbitrary values of the NAS configuration file

in ASUSTOR ADM

. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior.
This issue affects ADM: from 4.1 before 4.3.1.R5A1.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.