CVE-2022-37398— A stack-based buffer overflow vulnerability was found on ADM

A stack-based buffer overflow vulnerability was found on ADM

A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below.

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

栈缓冲区溢出

ASUSTOR Data Master 缓冲区错误漏洞

ASUSTOR Data Master是中国台湾华芸（ASUSTOR）公司的专属于 ASUSTOR NAS 上的操作系统，具有媲美零学习曲线的类平板图形化接口，让人一用就上手。 ASUSTOR Data Master 3.5.9.RUE3及以下版本、4.0.5.RVI1及以下版本、以及4.1.0.RJD1及以下版本存在安全漏洞，该漏洞源于允许远程验证用户通过 WebDAV 协议在 ASUSTOR Data Master (ADM) 的易受攻击版本中执行任意代码。

N/A

N/A