CVE-2026-3179 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: February 26, 2026
ASUSTOR ADM - Path Traversal
Published: February 25, 2026Updated: February 26, 2026Remote Exploitable
Overview
ASUSTOR ADM FTP Backup on Linux x86, ARM 64-bit from 4.1.0 through 4.3.3.ROF1 and 5.0.0 through 5.1.2.RE51 contains a path traversal vulnerability caused by improper limitation of a pathname to a restricted directory, letting attackers access unauthorized files, exploit requires network access.
Severity & Score
Severity: High
CVSS Score: 8.1
Impact
Attackers can access unauthorized files outside intended directories, potentially exposing sensitive data.
Mitigation
Update to a version later than 5.1.2.RE51 or the latest available version.
Related Resources
Details
- CVE ID
- CVE-2026-3179
- Severity
- High
- CVSS Score
- 8.1
- Type
- path_traversal
- Status
- confirmed
CWE
- CWE-22
CVSS Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H