Отправить #701302: ORICO CD3510 NAS V1.9.12 Incorrect Access ControlИнформация

НазваниеORICO CD3510 NAS V1.9.12 Incorrect Access Control
ОписаниеAn unauthorized file operation vulnerability exists in ORICO CD3510 NAS (firmware version 1.9.12), which is caused by directory traversal. This vulnerability allows low-level ordinary users to remotely upload arbitrary files to the “personal space” of high-level administrators or device owners. This vulnerability can lead to both horizontal and vertical privilege escalation.
Источник⚠️ https://www.notion.so/2b66cf4e528a8002aa39df57a71b105a
Пользователь
 renguangyue (UID 92629)
Представление25.11.2025 18:01 (5 месяцы назад)
Модерация07.12.2025 16:28 (12 days later)
Статуспринято
Запись VulDB334662 [ORICO CD3510 1.9.12 File Upload обход каталога]
Баллы16

ПредыдущийОбзорДалее

Do you know our Splunk app?

Download it now for free!