[Newsletter #198] ADM 4.2.2 is here!

View this email in your browser
You are receiving this email because of your relationship with ASUSTOR Inc. If you do not wish to receive any more emails, you can unsubscribe here.

Official Website

Facebook

Instagram

Twitter

Forum

ASUSTOR Newsletter　June 2023　Issue 198

Today’s Topic

ADM 4.2.2 is here!

SMB Backup

SMB backup backs up data to and from

ASUSTOR NAS to an SMB-compatible device,

server or another NAS in a local network.

Share Link quick upload

Establish a Share Link on your NAS to send to

family or friends to upload or download files

easily without an account.

Supports WireGuard VPN

Connect your NAS to a WireGuard VPN server

to experience fast VPN connections.

View Documents Directly in your NAS

Added an online viewing function for Office documents

in File Explorer. You can choose to use Google Docs

or Microsoft Office Online to view Office documents

directly on the web browser.

Security Advisory

XSS issue on ADM

A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. (CVE-2023-2509)

The issue has been fixed on ADM 4.2.2.RI61.

EZ Sync on ADM

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. (CVE-2023-2909)

The issue has been fixed on ADM 4.2.2.RI61.

Netatalk

The Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software on the latest release of Netatalk 3.1.13: CVE-2022-43634 and CVE-2022-45188.

Netatalk 3.1.13 patch has been updated on ADM 4.2.2.RI61 to resolve the issue.

Download Center

Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. (CVE-2023-2749)

The issue has been fixed on Download Center 1.1.5.r1298 for ADM 4.2.

PHP 8.1

The PHP Group announced multiple vulnerabilities that have been fixed in the latest release of PHP 8.1.

CVE-2023-0662, CVE-2022-31631, CVE-2022-31630, CVE-2022-37454, CVE-2022-31628, CVE-2022-31629 and CVE-2022-31627 will affect ASUSTOR products with PHP 8.1 installed on ADM 4.1 or ADM 4.2

Updates with PHP 8.1.18 has been released on App Central for ADM 4.2.2.

Awards

ASUSTOR Once Again Wins the Best Tech Products and Services Award from PCMag for the Lockerstor 2 Gen2 Fighting Energy Inflation with ASUSTOR

ASUSTOR’s NAS has been recognized again for its excellent quality and performance by PCMag. The Lockerstor 2 Gen2 was recognized by PC Magazine as a best tech product for 2022. The powerful computing power and large number of features have been favored by editors and evaluated as an excellent choice to meet future enterprise storage needs.

Lockerstor 2 Gen 2 received Recommended Award by TechPowerUp in the US

Lockerstor 4 received Gold Award by ReHWolution in Italy

Switchn'stor received
Gold Award by Actualidad Hardware in Spain

ASUSTOR TV

ASUSTOR College 249-I Setting up Virtualbox (Windows)

ASUSTOR College 249-II Setting up Virtualbox (Linux)

Youtube Reviews

"Network Drive" NAS with 4 NVME, HDMI and a LOT More ... Asustor LOCKERSTOR 4 Gen 2

ASUSTOR Drivestor 4 ... A FULL Multimedia Center AS1104T

Unsubscribe

This message was sent from marketing@asustor.com to marketing@asustor.com
3F, No.136, Da-Ye Rd., Beitou Dist., Taipei City 112, Taiwan

Update Profile/Email Address | Forward Email | Report Abuse