A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. (CVE-2023-2509)

• The issue has been fixed on ADM 4.2.2.RI61.

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. (CVE-2023-2909) 

• The issue has been fixed on ADM 4.2.2.RI61.

The Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software on the latest release of Netatalk 3.1.13: CVE-2022-43634 and CVE-2022-45188.

• Netatalk 3.1.13 patch has been updated on ADM 4.2.2.RI61 to resolve the issue.

Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. (CVE-2023-2749)

• The issue has been fixed on Download Center 1.1.5.r1298 for ADM 4.2.

The PHP Group announced multiple vulnerabilities that have been fixed in the latest release of PHP 8.1.

CVE-2023-0662, CVE-2022-31631, CVE-2022-31630, CVE-2022-37454, CVE-2022-31628, CVE-2022-31629 and CVE-2022-31627 will affect ASUSTOR products with PHP 8.1 installed on ADM 4.1 or ADM 4.2

• Updates with PHP 8.1.18 has been released on App Central for ADM 4.2.2.

ASUSTOR Inc. NAS 再獲肯定! Lockerstor 2 Gen2 / AS6702T 獲得美國權威科技媒體 PC Magazine 認可，再度奪得「2022 年度最佳科技產品和服務」大獎，AS6702T 以強大的運算能力及豐富的功能，榮獲編輯青睞，評鑑為滿足未來企業儲存需求的絕佳選擇。
 
PC Magazine 編輯經過長達一年及不斷的反覆測試及驗證，從超過 2,000 項的產品中整理出 15 個年度最傑出的科技產品類別及多項頂級產品，以幫助大家在選購科技產品時作出最正確的判斷。AS6702T 為網通類別裡唯一獲獎的 NAS 產品，雙 2.5GbE 高速連線、超過 300 款商用、備份、安全及家庭娛樂應用程式的 ADM 系統、4 個 M.2 SSD 磁碟槽，高擴充性的特性、出色的功能使 AS6702T 在獲得「編輯首選」的獎項之後，再度獲得肯定，入選「2022 年度最佳科技產品和服務」。