Asus

Download Master

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-31162

  • EPSS 1.21%
  • Published 14.06.2024 07:15:50
  • Last modified 21.11.2024 09:12:56

The specific function parameter of ASUS Download Master does not properly filter user input. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.

7.2

CVE-2024-31163

  • EPSS 2.27%
  • Published 14.06.2024 07:15:50
  • Last modified 21.11.2024 09:12:56

ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.

4.8

CVE-2024-31160

  • EPSS 0.19%
  • Published 14.06.2024 04:15:42
  • Last modified 21.11.2024 09:12:56

The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Stored Cross-site scripting attacks.

7.2

CVE-2024-31161

  • EPSS 0.9%
  • Published 14.06.2024 04:15:42
  • Last modified 21.11.2024 09:12:56

The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to t...

4.8

CVE-2024-31159

  • EPSS 0.19%
  • Published 14.06.2024 04:15:41
  • Last modified 21.11.2024 09:12:56

The parameter used in the certain page of ASUS Download Master is not properly filtered for user input. A remote attacker with administrative privilege can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.