당사는 당사 웹페이지를 개선하기 위해 쿠키를 사용합니다. 당사의 쿠키 정책 을 읽으십시오.

ASUSTOR 제품 보안 권고

ASUSTOR는 고객 및 데이터 안전은 물론 당사 제품의 보안을 위해 최선을 다하고 있습니다. 이를 위해 개발자와 일반 사용자가 ASUSTOR 제품에서 발견된 잠재적 또는 확인된 보안 취약성을 ASUSTOR 보안 대응팀에 보고할 것을 권장합니다.

취약점 보고

ASUSTOR 제품에 영향을 미치는 보안 문제를 보고하려면 아래 PGP 키를 사용하여 이메일 메시지를 암호화하고 security@asustor.com 으로 보내주십시오. 이 이메일 주소는 답장을 보낼 수 없습니다. 기술 지원을 받으려면 지원 센터를 방문하세요.

PGP 키 정보

아래 PGP 키를 사용하여 ASUSTOR에 보안 취약성을 보고하는 이메일을 암호화할 것을 권장합니다.

ASUSTOR 제품 보안 업데이트

사용자를 보호하기 위해, ASUSTOR는 공개적으로 수정을 이용할 수 있을 때까지 보안 취약점을 공개적으로 발표하지 않으며 그러한 취약점의 정확한 상세 내역을 알리지 않습니다. 수정을 이용할 수 있게 되면 ASUSTOR 공식 웹사이트에 취약점이 발표됩니다.

Advisory CVE Severity Status Last Updated
AS-2023-014: OpenSSL CVE-2023-2650, CVE-2023-3446, CVE-2023-3817... Moderate Ongoing 2023-12-28
AS-2023-013: OpenSSH CVE-2023-38408 Important Resolved 2023-11-29
AS-2023-012: ADM CVE-2023-4475 Important Resolved 2023-11-29
AS-2023-011: ADM CVE-2023-3699 Important Resolved 2023-11-29
AS-2023-010: ADM CVE-2023-3697, CVE-2023-3698 Important Resolved 2023-11-29
AS-2023-009: ADM CVE-2023-2910 Important Resolved 2023-11-29
AS-2023-008: PHP 8.1 CVE-2023-0662, CVE-2022-31630, CVE-2022-31627... Important Resolved 2023-06-07
AS-2023-007: EZ Sync on ADM CVE-2023-2909 Important Resolved 2023-06-29
AS-2023-006: Download Center CVE-2023-2749 Important Resolved 2023-06-21
AS-2023-005: Netatalk CVE-2022-43634, CVE-2022-45188 Moderate Resolved 2023-06-29
AS-2023-004: XSS issue on ADM, LooksGood and SoundsGood CVE-2023-2509 Important Ongoing 2024-01-24
AS-2023-003: ADM CVE-2023-30770 Moderate Resolved 2023-06-29
AS-2023-002: OpenSSL CVE-2023-0215, CVE-2023-0286, CVE-2022-4304... Important Resolved 2023-06-29
AS-2023-001: Sudo CVE-2023-22809 Moderate Resolved 2023-02-20
AS-2022-017: Samba CVE-2022-37966, CVE-2022-37967, CVE-2022-38023... Moderate Resolved 2023-02-20
AS-2022-016: Samba CVE-2022-3437, CVE-2022-3592, CVE-2022-42898 Moderate Resolved 2022-12-27
AS-2022-015: OpenSSL CVE-2022-3602, CVE-2022-3786 Not affected Resolved 2022-11-14
AS-2022-014: Samba CVE-2022-2031, CVE-2022-32744, CVE-2022-32746... Important Resolved 2022-12-27
AS-2022-013: Apache HTTP Server CVE-2022-26377, CVE-2022-28330, CVE-2022-28614... Moderate Resolved 2022-08-17
AS-2022-012: OpenLDAP CVE-2022-29155, CVE-2020-36221, CVE-2020-25710... Important Resolved 2022-08-29
AS-2022-011: ADM CVE-2022-37398 Important Resolved 2022-08-29
AS-2022-010: PHP CVE-2022-31625, CVE-2022-31626 Important Resolved 2022-08-03
AS-2022-009: OpenSSL CVE-2022-2068, CVE-2022-2097 Moderate Resolved 2022-08-29
AS-2022-008: ADM: DeadBolt ransomware Critical Resolved 2022-06-14
AS-2022-007: OpenSSL CVE-2022-1292, CVE-2022-1343, CVE-2022-1434... Moderate Resolved 2022-05-30
AS-2022-006: Netatalk CVE-2021-31439, CVE-2022-23121, CVE-2022-23122... Important Resolved 2022-05-06
AS-2022-005: Apache HTTP Server CVE-2022-22719, CVE-2022-22720, CVE-2022-22721... Important Resolved 2022-05-16
AS-2022-004: OpenSSL CVE-2022-0778 Moderate Resolved 2022-03-29
AS-2022-003: Linux Kernel CVE-2022-0847 Not affected Resolved 2022-07-07
AS-2022-002: ADM: DeadBolt ransomware Critical Resolved 2022-03-28
AS-2022-001: Samba CVE-2021-44142 Important Resolved 2022-02-15
AS-2021-001: Log4Shell (Log4j 2) CVE-2021-44228, CVE-2021-45046, CVE-2021-44832 Not affected Resolved 2021-12-16