CVE-2019-11688

high

Description

An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.

References

https://www.asustor.com/app_central/app_detail?id=776

https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md

Details

Source: Mitre, NVD

Published: 2020-03-18

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 8.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:N

Severity: High

CVSS v3

Base Score: 7.4

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N