The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to the website directory, allowing arbitrary system commands to be executed upon browsing the webpage.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2024-06-14T03:53:51.560Z
Updated: 2024-06-14T03:53:51.560Z
Reserved: 2024-03-29T07:18:19.359Z
Link: CVE-2024-31161
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-14T04:15:42.323
Modified: 2024-06-17T12:42:04.623
Link: CVE-2024-31161
JSON object: View
Redhat Information
No data.
CWE