|
ASUSTOR Newsletter June 2023 Issue 197 |
|
|---|
|
Computex 2023 ASUSTOR Booth Quick Tour
|
|
|---|
|
Missed out on Computex? Not a problem! This newsletter takes you around our booth at Computex. ASUSTOR attended Computex between 29 May 2023 to 2 June 2023 and ASUSTOR thanks everyone for their support. At Computex, three themes for network storage were exhibited. These included our creator studio, our home multimedia center and enterprise workflows. Learn more about what we showcased down below. |
|
|---|
|
Featured devices at the 2.5GbE & 10 GbE creator studio – Flashstor 6, Flashstor 12 Pro, AS5402T, AS5404T, Lockerstor 2 Gen2, Lockerstor 4 Gen2, Lockerstor 6 Gen2 |
|
|
|
|
Home Multimedia - Play videos through Media Cast and Looksgood to a TV : Flashstor 6 |
|
|
|
|
Enterprise monitoring area - Surveillance Center real-time monitoring: Lockerstor 8, Lockerstor 10, Lockerstor 10 Pro |
|
|---|
|
A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. (CVE-2023-2509)
- The issue has been fixed on ADM 4.2.2.RI61.
|
|
|---|
|
EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. (CVE-2023-2909)
- The issue has been fixed on ADM 4.2.2.RI61.
|
|
|---|
|
The Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software on the latest release of Netatalk 3.1.13: CVE-2022-43634 and CVE-2022-45188.
- Netatalk 3.1.13 patch has been updated on ADM 4.2.2.RI61 to resolve the issue.
|
|
|---|
|
Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. (CVE-2023-2749)
- The issue has been fixed on Download Center 1.1.5.r1298 for ADM 4.2.
|
|
|---|
|
The PHP Group announced multiple vulnerabilities that have been fixed in the latest release of PHP 8.1.
CVE-2023-0662, CVE-2022-31631, CVE-2022-31630, CVE-2022-37454, CVE-2022-31628, CVE-2022-31629 and CVE-2022-31627 will affect ASUSTOR products with PHP 8.1 installed on ADM 4.1 or ADM 4.2
- Updates with PHP 8.1.18 has been released on App Central for ADM 4.2.2.
|
|
|---|
|
ASUSTOR’s NAS has been recognized again for its excellent quality and performance by PCMag. The Lockerstor 2 Gen2 was recognized by PC Magazine as a best tech product for 2022. The powerful computing power and large number of features have been favored by editors and evaluated as an excellent choice to meet future enterprise storage needs.
|
|
|---|
|
| |
| |
|
| |
|
|