CNNVD-202602-497 Information

CNNVD ID

CNNVD-202602-497

Related CVE

CVE-2026-24934

• CNNVD Published: 2026-02-03

Description (Chinese)

ASUSTOR ADM是中国华芸科技（ASUSTOR）公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.ROF1版本和5.0.0版本至5.1.1.RCI1版本存在安全漏洞，该漏洞源于DDNS功能使用不安全的HTTP连接或未验证SSL/TLS证书，可能导致中间人攻击并伪造响应。

Description (English)

SUSTOR ADM is a specialized operating system for all ASUSTOR NAS equipment of the Chinese company SUSTOR. A security gap exists between ASUSTOR ADM Version 4.1.0 and between version 5.0.0 and version 5.1.1.RCI1 of ASUSTOR ADM Version 4.3.3.ROF1 and between version 5.0.0 and version 5.1.1.RCI1 resulting from the use of unsafe HTTP connections or unverified SSL/TLS certificates for DDNS functions, which may lead to an attack by an intermediary and the falsification of a response.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

华芸科技

Published

2026-02-03

Last Modified

2026-02-24

References

https://www.asustor.com/security/security_advisory_detail?id=50

Patch

https://www.asustor.com/security/security_advisory_detail?id=50