Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Asus Subscribe
Filtered by product Nas-m25
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4221 1 Asus 2 Nas-m25, Nas-m25 Firmware 2022-12-05 N/A 9.8 CRITICAL
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.