Enviar #701673: Yottamaster DM200 V1.2.23 Vertical Privilege Escalationinformación

TítuloYottamaster DM200 V1.2.23 Vertical Privilege Escalation
DescripciónAn improper access control vulnerability exists in multiple Yottamaster NAS devices, including DM2 (version equal to or prior to V1.9.12), DM3 (version equal to or prior to V1.9.12), and DM200 (version equal to or prior to V1.2.23). This vulnerability is caused by the lack of directory traversal checks, and can lead to unauthorized file operations through the renaming feature. Attackers can exploit this vulnerability to achieve both horizontal and vertical privilege escalation.
Fuente⚠️ https://www.notion.so/2b76cf4e528a80f6ae50fe21b13ff0b8
Usuario
 rgyue (UID 92984)
Sumisión2025-11-26 05:43 (hace 5 meses)
Moderación2025-12-07 16:36 (11 days later)
EstadoAceptado
Entrada de VulDB334666 [Yottamaster DM2/DM3/DM200 hasta 1.2.23/1.9.12 File Upload recorrido de directorios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Want to know what is going to be exploited?

We predict KEV entries!