Hello everyone,
I have an AS6404T with the current version of ADM 3.5.3.RBH1 and today i got some scary messages from the AiMaster-App...
After a short look into the logs via the app, I shutdown the system and unplugged it.
I made screenshots of the notefications, because the log-files don't show anything, only the bad-block scan and the login from yesterday and from today, but nothing else.
I disconnected it from my LAN booted it, now I'm connected directly with my laptop and I'm searching for changes.
I looked into tables of the mariaDB but i couldn't find anything weard, most of them are empty.
Also into the path "/usr/builtin/webman/portal..." and the subdirs, but I have no idea of the use of the files in this directories and what files could be deleted.
I found this article about a vulnerability
https://www.exploit-db.com/exploits/45200
There are no new users and all passwords are working fine.
Can someone help me?
Thank you.
SQL Injection?
-
- Posts: 1
- youtube meble na wymiar Warszawa
- Joined: Tue Jan 12, 2021 2:04 am
SQL Injection?
- Attachments
-
- IMG_7518[1].PNG (2.29 MiB) Viewed 2181 times
-
- IMG_7519[1].PNG (2.3 MiB) Viewed 2181 times
-
- Posts: 17
- Joined: Sat Feb 01, 2014 4:35 pm
Re: SQL Injection?
The very same thing happened to me a couple of hours ago.
I was using myasustor service and every once in a while I received a notification about a failed login attempt. I didn't pay much attention to that, but now this seems really scary. I immediately disabled myasustor service and disabled the port forwarding on the router, so I can only access the NAS locally.
Could someone at Asustor tell us something?
I was using myasustor service and every once in a while I received a notification about a failed login attempt. I didn't pay much attention to that, but now this seems really scary. I immediately disabled myasustor service and disabled the port forwarding on the router, so I can only access the NAS locally.
Could someone at Asustor tell us something?
- Attachments
-
- IMG_4849.PNG (6.01 MiB) Viewed 2116 times