Security Bypass in DataSync Center by Asustor
CVE-2025-7379

5.2MEDIUM

Key Information:

Vendor

Asustor

Status
Vendor
CVE Published:
9 July 2025

What is CVE-2025-7379?

A security bypass vulnerability has been identified in DataSync Center, enabling attackers to exploit Reverse Tabnabbing techniques. This allows for manipulation of the original tab's content, posing significant risks of credential theft and other security threats. The affected versions include DataSync Center from 1.1.0 prior to 1.1.0.r207, and 1.2.0 prior to 1.2.0.r206. Users are advised to update to the latest versions to mitigate these risks.

Affected Version(s)

ADM Linux 1.1.0 < 1.1.0.r207

ADM Linux 1.2.0 < 1.2.0.r206

References

CVSS V4

Score:
5.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-7379 : Security Bypass in DataSync Center by Asustor