A critical security vulnerability has been uncovered in ASUSTOR ADM, and the situation has become more urgent following the public release of a proof-of-concept (PoC) exploit. The flaw, tracked as CVE-2026-6644, carries a high severity rating and allows attackers to execute commands with full root privileges on affected network-attached storage (NAS) devices.

The vulnerability exists within the PPTP VPN client component of ADM, specifically in how it handles user input for server addresses. Due to a lack of proper input validation, malicious commands can be injected into the system and executed at the operating system level. In simple terms, an attacker can manipulate a configuration parameter to break out of its intended function and gain complete control over the device.
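The missing control is strict validation of the server address before it reaches any OS-level command. The sketch below is an added example, not ASUSTOR's code and not taken from the advisory or the PoC; the helper path, function names and sample inputs are assumptions made for illustration.

```python
import ipaddress
import re

# Only characters that can occur in a hostname or IP literal. This also rejects
# '%', because ipaddress can accept IPv6 zone IDs (the text after '%').
_ALLOWED = re.compile(r"[A-Za-z0-9.:-]{1,253}")
# RFC 1123 label: 1-63 letters, digits or hyphens, no hyphen at either end.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
# Hypothetical helper path, used only to show argv construction.
HELPER = "/usr/local/bin/vpn-connect-helper"


def validate_server_address(value):
    """Return a canonical IP or hostname string, or raise ValueError."""
    if not isinstance(value, str) or not _ALLOWED.fullmatch(value):
        raise ValueError("server address contains disallowed characters")
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        pass  # not an IP literal, fall through to the hostname rules
    labels = value.split(".")
    if all(_LABEL.fullmatch(l) for l in labels) and not labels[-1].isdigit():
        return value.lower()
    raise ValueError("server address is not a valid IP or hostname")


def build_argv(server):
    """Build an argument vector; the value is one argv element, never shell text."""
    return [HELPER, "--server", validate_server_address(server)]


def classify(samples):
    """Map each sample to 'accepted' or 'rejected'."""
    result = {}
    for s in samples:
        try:
            validate_server_address(s)
            result[s] = "accepted"
        except ValueError:
            result[s] = "rejected"
    return result


# Constructed sample inputs, not taken from the advisory or any PoC.
SAMPLES = ["vpn.example.com", "192.0.2.10", "2001:db8::1",
           "vpn.example.com; echo injected", "$(echo injected)",
           "fe80::1%;echo", "-v", "vpn.example.com\n"]

if __name__ == "__main__":
    for sample, verdict in classify(SAMPLES).items():
        print(f"{sample!r}: {verdict}")
```

Passing the validated value as a single argv element (for example to `subprocess.run` with a list and no `shell=True`) keeps it from ever being parsed by a shell, so the allowlist and the argv form back each other up.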

Although the flaw requires administrator-level access, the risk is far from limited. Many systems are still deployed with default credentials, making them easy targets for attackers. Once access is gained, the vulnerability can be exploited to install malware, steal sensitive data, or even turn the device into part of a larger attack network, such as a botnet used for distributed denial-of-service attacks.

The issue affects a wide range of ADM versions, including releases across both the 4.x and 5.x series. Security researchers have also identified a significant number of internet-facing ASUSTOR devices, highlighting the scale of potential exposure. While not all exposed systems are necessarily vulnerable, the sheer number increases the likelihood of active exploitation.

ASUSTOR has responded by releasing a patch in version 5.1.3.RGO1 under its security advisory AS-2026-006. Users are strongly urged to update immediately to protect their systems. In addition to patching, organizations should review their configurations, avoid exposing management interfaces directly to the internet, and ensure that default credentials are replaced with strong, unique passwords.

The release of a working PoC significantly raises the stakes, as it lowers the barrier for attackers to exploit the flaw. This development serves as a reminder that even post-authentication vulnerabilities can pose serious risks, especially when combined with weak security practices.

As cyber threats continue to evolve, maintaining updated systems and enforcing strong access controls remain essential steps in protecting critical infrastructure and sensitive data.

Source: cyberpress
