View this email in your browser
You are receiving this email because of your relationship with ASUSTOR Inc. If you do not wish to receive any more emails, you can unsubscribe here.
marketing@asustor.com
ASUSTOR Newsletter July 2023 Issue 199
Today’s Topic

ASUSTOR – Protecting your Home and Office
Install Surveillance Center on your ASUSTOR NAS to turn your NAS into a 24/7 high-resolution security surveillance system. Surveillance Center comes with the ability to connect four IP cameras at the same time and more channels can be purchased. Surveillance Center provides real-time video and snapshot features while also giving you control over connected cameras. Easily control the direction and zoom of connected cameras for maximum control over your home surveillance.
In addition to real-time monitoring through a computer, AiSecure enables the same functionality for phones and tablets running Android and iOS. Take advantage of push notifications to know when events occur. Events can also be enabled or disabled through a phone or tablet in AiSecure.
Surveillance Center supports two-way voice communication. If your camera comes with a microphone and speakers built in, you’ll be able to communicate or broadcast sound with people in the area and they can reply back. AiSecure also supports two-way voice communication so that you can keep watch anywhere you are.
Security Advisory
XSS issue on ADM

A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. (CVE-2023-2509)

  • The issue has been fixed on ADM 4.2.2.RI61.
EZ Sync on ADM

EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. (CVE-2023-2909)

  • The issue has been fixed on ADM 4.2.2.RI61.
Netatalk

The Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software on the latest release of Netatalk 3.1.13: CVE-2022-43634 and CVE-2022-45188.

  • Netatalk 3.1.13 patch has been updated on ADM 4.2.2.RI61 to resolve the issue.
Download Center

Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. (CVE-2023-2749)

  • The issue has been fixed on Download Center 1.1.5.r1298 for ADM 4.2.
PHP 8.1

The PHP Group announced multiple vulnerabilities that have been fixed in the latest release of PHP 8.1.

CVE-2023-0662, CVE-2022-31631, CVE-2022-31630, CVE-2022-37454, CVE-2022-31628, CVE-2022-31629 and CVE-2022-31627 will affect ASUSTOR products with PHP 8.1 installed on ADM 4.1 or ADM 4.2

  • Updates with PHP 8.1.18 has been released on App Central for ADM 4.2.2.
Awards
marketing@asustor.com
ASUSTOR’s NAS has been recognized again for its excellent quality and performance by PCMag. The Lockerstor 2 Gen2 was recognized by PC Magazine as a best tech product for 2022. The powerful computing power and large number of features have been favored by editors and evaluated as an excellent choice to meet future enterprise storage needs.
 
marketing@asustor.com
ASUSTOR TV
marketing@asustor.com
Youtube Reviews
marketing@asustor.com
This message was sent from marketing@asustor.com to marketing@asustor.com
3F, No.136, Da-Ye Rd., Beitou Dist., Taipei City 112, Taiwan

Update Profile/Email Address | Forward Email | Report Abuse