{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T12:00:16.825","vulnerabilities":[{"cve":{"id":"CVE-2018-15694","sourceIdentifier":"vulnreport@tenable.com","published":"2018-08-27T14:29:00.227","lastModified":"2024-11-21T03:51:17.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the \"Web Server\" feature is enabled."},{"lang":"es","value":"ASUSTOR Data Master en versiones 3.1.5 y anteriores permite que usuarios autenticados remotos no administrativos suban archivos a ubicaciones arbitrarias debido a una vulnerabilidad de salto de directorio. Esto podría conducir a la ejecución de código si la característica \"Web Server\" está habilitada."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:M\/Au:S\/C:P\/I:P\/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.5","matchCriteriaId":"153CD27F-A0F7-4C35-B3DB-01CC48D96E74"}]}]}],"references":[{"url":"https:\/\/www.tenable.com\/security\/research\/tra-2018-22","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https:\/\/www.tenable.com\/security\/research\/tra-2018-22","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}