CNNVD-202512-2475 Information

CNNVD ID

CNNVD-202512-2475

Related CVE

CVE-2025-13052

• CNNVD Published: 2025-12-12

Description (Chinese)

ASUSTOR ADM是中国华芸科技（ASUSTOR）公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.RKD2版本和5.0.0版本至5.1.0.RN42版本存在安全漏洞，该漏洞源于TLS/SSL证书验证不当，可能导致中间人攻击。

Description (English)

SUSTOR ADM is a specialized operating system for all ASUSTOR NAS equipment of the Chinese company SUSTOR. There is a security gap between ASUSTOR ADM, Version 4.1.0 to 4.3.3.RKD2 and between 5.0.0 and 5.1.0.RN42, which stems from inappropriate certification of TLS/SSL certificates and may lead to attacks by intermediaries.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

华芸科技

Published

2025-12-12

Last Modified

2026-02-24

References

https://www.asustor.com/security/security_advisory_detail?id=49