CVE-2025-7378
published 2025-07-09CVE-2025-7378: An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to…
PriorityP428medium6CVSS 4.0
AVLACLATPPRLUIPVCLVIHVAHSCLSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRUVXREXUAmber
EPSS
0.13%
2.7th percentile
An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior.
This issue affects ADM: from 4.1 before 4.3.1.R5A1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asustor | adm | >= 4.1 < 4.3.1.R5A1 | 4.3.1.R5A1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-07-09
Published