CNNVD-202602-501 Information

CNNVD ID

CNNVD-202602-501

Related CVE

CVE-2026-24932

• CNNVD Published: 2026-02-03

Description (Chinese)

ASUSTOR ADM是中国华芸科技（ASUSTOR）公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.ROF1版本和5.0.0版本至5.1.1.RCI1版本存在安全漏洞，该漏洞源于DDNS更新功能未正确验证TLS/SSL证书主机名，可能导致中间人攻击并获取敏感信息。

Description (English)

SUSTOR ADM is a specialized operating system for all ASUSTOR NAS equipment of the Chinese company SUSTOR. The security loophole in ASUSTOR ADM 4.1.0 to 4.3.3.ROF1 and 5.0.0 to 5.1.1.RCI1 arises from the fact that the DDNS update does not correctly verify the host name of the TLS/SSL certificate, which may lead to attacks by intermediaries and access to sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

华芸科技

Published

2026-02-03

Last Modified

2026-02-24

References

https://www.asustor.com/security/security_advisory_detail?id=50

Patch

https://www.asustor.com/security/security_advisory_detail?id=50