Kyle Lovett

**Name of the Vulnerable Software and Affected Versions** ASUSTOR ADM version 3.1.0.RFQ3 **Description** The issue allows an attacker to login using the default root:admin username and password, which is the same as the one used for the NAS itself for applications installed from the online repository. This may enable an attacker to upload a webshell. **Recommendations** For ASUSTOR ADM version 3.1.0.RFQ3, change the default root:admin username and password to unique and strong credentials to prevent unauthorized access. Consider restricting access to the administrative interface until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ASUSTOR ADM version 3.1.0.RFQ3 **Description** The photo gallery application in ASUSTOR ADM contains a SQL injection issue in the tree list functionality. This issue affects the `album id` or `scope` parameter via the "photo-gallery/api/album/tree lists/" URI. **Recommendations** For ASUSTOR ADM version 3.1.0.RFQ3, avoid using the `album id` or `scope` parameter in the affected API endpoint until the issue is resolved. Restrict access to the "photo-gallery/api/album/tree lists/" URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ASUSTOR ADM version 3.1.0.RFQ3 **Description** The issue is related to an unauthenticated remote code execution in the "portal/apis/aggrecate js.cgi" API endpoint. This is achieved by embedding OS commands in the `script` parameter. **Recommendations** For ASUSTOR ADM version 3.1.0.RFQ3, as a temporary workaround, consider restricting access to the "portal/apis/aggrecate js.cgi" API endpoint until a patch is available. Avoid using the `script` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linksys SMART WiFi firmware versions prior to 2.1.41 build 162351 on E4200v2 and EA4500 devices Linksys SMART WiFi firmware versions prior to 1.1.41 build 162599 on EA6200 devices Linksys SMART WiFi firmware versions prior to 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices Linksys SMART WiFi firmware versions prior to 1.1.42 build 161129 on EA6900 devices Linksys SMART WiFi firmware on EA2700 and EA3500 devices **Description** The issue allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI. **Recommendations** For Linksys SMART WiFi firmware on EA2700 and EA3500 devices, update to a version that fixes this issue. For Linksys SMART WiFi firmware on E4200v2 and EA4500 devices, update to version 2.1.41 build 162351 or later. For Linksys SMART WiFi firmware on EA6200 devices, update to version 1.1.41 build 162599 or later. For Linksys SMART WiFi firmware on EA6300, EA6400, EA6500, and EA6700 devices, update to version 1.1.40 build 160989 or later. For Linksys SMART WiFi firmware on EA6900 devices, update to version 1.1.42 build 161129 or later. As a temporary workaround, consider restricting access to the /.htpasswd URI until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linksys SMART WiFi firmware versions prior to 2.1.41 build 162351 on E4200v2 and EA4500 devices Linksys SMART WiFi firmware versions prior to 1.1.41 build 162599 on EA6200 devices Linksys SMART WiFi firmware versions prior to 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices Linksys SMART WiFi firmware versions prior to 1.1.42 build 161129 on EA6900 devices Linksys SMART WiFi firmware on EA2700 and EA3500 devices **Description** The issue allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/HTTP request. **Recommendations** For versions prior to 2.1.41 build 162351 on E4200v2 and EA4500 devices, update to version 2.1.41 build 162351 or later. For versions prior to 1.1.41 build 162599 on EA6200 devices, update to version 1.1.41 build 162599 or later. For versions prior to 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices, update to version 1.1.40 build 160989 or later. For versions prior to 1.1.42 build 161129 on EA6900 devices, update to version 1.1.42 build 161129 or later. For EA2700 and EA3500 devices, update the Linksys SMART WiFi firmware to the latest version.