Skip to main content

Asustor NAS Remote Code Execution Vulnerability

Last Update Date: 25 Feb 2022 08:54 Release Date: 25 Feb 2022 5678 Views

RISK: Medium Risk

TYPE: Operating Systems - Others OS

TYPE: Others OS

A vulnerability has been identified in Asustor NAS. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

  • It is reported that hacking groups are actively exploiting the vulnerabilities to deploy Deadbolt ransomware.

Impact

  • Remote Code Execution

System / Technologies affected

  • ADM version 4.0.4.RQO2 and prior
  • ADM 3.5.9.RQO2 and prior

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

https://www.asustor.com/service/release_notes


Vulnerability Identifier

Note: No CVE information is available for this vulnerability


Source


Related Link