CNNVD-202512-2477 Information

CNNVD ID

CNNVD-202512-2477

Related CVE

CVE-2025-13053

• CNNVD Published: 2025-12-12

Description (Chinese)

ASUSTOR ADM是中国华芸科技（ASUSTOR）公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.RKD2版本和5.0.0版本至5.1.0.RN42版本存在安全漏洞，该漏洞源于TLS证书验证未强制执行，可能导致中间人攻击。

Description (English)

SUSTOR ADM is a specialized operating system for all ASUSTOR NAS equipment of the Chinese company SUSTOR. There is a security loophole between ASUSTOR ADM 4.1.0 and 4.3.3.RKD2 and between 5.0.0 and 5.1.0.RN42, which stems from the unenforceable certification of TLS certificates, which may result in an attack by an intermediary.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

华芸科技

Published

2025-12-12

Last Modified

2026-02-24

References

https://www.asustor.com/security/security_advisory_detail?id=49