Asus

Download Master

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-31162

  • EPSS 1.21%
  • Veröffentlicht 14.06.2024 07:15:50
  • Zuletzt bearbeitet 21.11.2024 09:12:56

The specific function parameter of ASUS Download Master does not properly filter user input. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.

7.2

CVE-2024-31163

  • EPSS 2.27%
  • Veröffentlicht 14.06.2024 07:15:50
  • Zuletzt bearbeitet 21.11.2024 09:12:56

ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.

4.8

CVE-2024-31160

  • EPSS 0.19%
  • Veröffentlicht 14.06.2024 04:15:42
  • Zuletzt bearbeitet 21.11.2024 09:12:56

The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Stored Cross-site scripting attacks.

7.2

CVE-2024-31161

  • EPSS 0.9%
  • Veröffentlicht 14.06.2024 04:15:42
  • Zuletzt bearbeitet 21.11.2024 09:12:56

The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to t...

4.8

CVE-2024-31159

  • EPSS 0.19%
  • Veröffentlicht 14.06.2024 04:15:41
  • Zuletzt bearbeitet 21.11.2024 09:12:56

The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.