{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24932", "assignerOrgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77", "state": "PUBLISHED", "assignerShortName": "ASUSTOR1", "dateReserved": "2026-01-28T08:40:24.461Z", "datePublished": "2026-02-03T02:19:41.915Z", "dateUpdated": "2026-02-03T15:31:15.303Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux", "x86", "64 bit", "ARM"], "product": "ADM", "vendor": "ASUSTOR", "versions": [{"lessThanOrEqual": "4.3.3.ROF1", "status": "affected", "version": "4.1.0", "versionType": "custom"}, {"lessThanOrEqual": "5.1.1.RCI1", "status": "affected", "version": "5.0.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Nuke"}], "datePublic": "2026-02-03T02:10:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle (MitM) attack, which may obtain the sensitive information of DDNS updating process, including the user's account email, MD5 hashed password, and device serial number.<p>This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.1.RCI1.</p>"}], "value": "The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle (MitM) attack, which may obtain the sensitive information of DDNS updating process, including the user's account email, MD5 hashed password, and device serial number.This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.1.RCI1."}], "impacts": [{"capecId": "CAPEC-157", "descriptions": [{"lang": "en", "value": "CAPEC-157 Sniffing Attacks"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 8.9, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77", "shortName": "ASUSTOR1", "dateUpdated": "2026-02-03T02:19:41.915Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.asustor.com/security/security_advisory_detail?id=50"}], "source": {"discovery": "UNKNOWN"}, "title": "An improper certificate validation vulnerability was found in ADM while updating the DDNS settings.", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:26:09.063895Z", "id": "CVE-2026-24932", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:31:15.303Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24932", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-03T15:26:09.063895Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:26:09.857Z"}}], "cna": {"title": "An improper certificate validation vulnerability was found in ADM while updating the DDNS settings.", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "Nuke"}], "impacts": [{"capecId": "CAPEC-157", "descriptions": [{"lang": "en", "value": "CAPEC-157 Sniffing Attacks"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ASUSTOR", "product": "ADM", "versions": [{"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.3.3.ROF1"}, {"status": "affected", "version": "5.0.0", "versionType": "custom", "lessThanOrEqual": "5.1.1.RCI1"}], "platforms": ["Linux", "x86", "64 bit", "ARM"], "defaultStatus": "unaffected"}], "datePublic": "2026-02-03T02:10:00.000Z", "references": [{"url": "https://www.asustor.com/security/security_advisory_detail?id=50", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle (MitM) attack, which may obtain the sensitive information of DDNS updating process, including the user's account email, MD5 hashed password, and device serial number.This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.1.RCI1.", "supportingMedia": [{"type": "text/html", "value": "The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle (MitM) attack, which may obtain the sensitive information of DDNS updating process, including the user's account email, MD5 hashed password, and device serial number.<p>This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.1.RCI1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation"}]}], "providerMetadata": {"orgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77", "shortName": "ASUSTOR1", "dateUpdated": "2026-02-03T02:19:41.915Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24932", "state": "PUBLISHED", "dateUpdated": "2026-02-03T15:31:15.303Z", "dateReserved": "2026-01-28T08:40:24.461Z", "assignerOrgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77", "datePublished": "2026-02-03T02:19:41.915Z", "assignerShortName": "ASUSTOR1"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*", "matchCriteriaId": "662E4EA5-0C53-4669-947E-705E5E076B10", "versionEndIncluding": "4.3.3.rof1", "versionStartIncluding": "4.1.0.rhu2", "vulnerable": true}, {"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FC466AD-33C6-4F5C-A679-C5100B0B9B32", "versionEndExcluding": "5.1.2.re51", "versionStartIncluding": "5.0.0.ra82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle (MitM) attack, which may obtain the sensitive information of DDNS updating process, including the user's account email, MD5 hashed password, and device serial number.This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.1.RCI1."}, {"lang": "es", "value": "La funci\u00f3n de actualizaci\u00f3n de DDNS en ADM no valida correctamente el nombre de host del certificado TLS/SSL del servidor DDNS. Aunque la conexi\u00f3n utiliza HTTPS, un certificado TLS/SSL incorrectamente validado permite a un atacante remoto interceptar la comunicaci\u00f3n para realizar un ataque man-in-the-middle (MitM), lo que puede obtener la informaci\u00f3n sensible del proceso de actualizaci\u00f3n de DDNS, incluyendo el correo electr\u00f3nico de la cuenta del usuario, la contrase\u00f1a con hash MD5 y el n\u00famero de serie del dispositivo. Este problema afecta a ADM: desde 4.1.0 hasta 4.3.3.ROF1, desde 5.0.0 hasta 5.1.1.RCI1."}], "id": "CVE-2026-24932", "lastModified": "2026-02-19T18:16:57.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.9, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@asustor.com", "type": "Secondary"}]}, "published": "2026-02-03T03:15:53.080", "references": [{"source": "security@asustor.com", "tags": ["Vendor Advisory"], "url": "https://www.asustor.com/security/security_advisory_detail?id=50"}], "sourceIdentifier": "security@asustor.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "security@asustor.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T00:27:53.543436+00:00", "value": {"mitigation_remediation": ["Upgrade the ADM firmware to a version newer than 5.1.1.RCI1 that implements proper TLS certificate validation.", "If upgrading is not immediately feasible, disable the DDNS update feature or limit its operation to internal, trusted networks.", "Verify that any DDNS server used presents a valid and trusted TLS certificate before initiating updates, checking the certificate\u2019s subject and fingerprint."], "summary": {"action": "Patch ASAP", "impact": "Information Disclosure via MitM"}, "threat_synthesis": {"affected_systems": "ASUSTOR ADM software versions 4.1.0 through 4.3.3.ROF1 and 5.0.0 through 5.1.1.RCI1 are affected. Newer releases beyond 5.1.1.RCI1 are presumed to have resolved the issue.", "description_and_impact": "The vulnerability in the DDNS update function of the ASUSTOR ADM module allows a remote attacker to bypass proper TLS certificate validation. By forging or manipulating the certificate presented by the DDNS server, the attacker can conduct a Man\u2011in\u2011the\u2011Middle attack and capture sensitive data exchanged during the update, including the user\u2019s account e\u2011mail, MD5 hashed password, and the device\u2019s serial number. This is a severe confidentiality breach that could enable further compromise of the NAS device.", "risk_and_exploitability": "The CVSS score of 8.9 classifies the flaw as High severity, yet the EPSS score of less than 1% indicates a low exploitation probability. The flaw is not currently listed in the CISA KEV catalog. The attack vector is inferred to be remote network; an adversary would need the ability to trigger a DDNS update over HTTPS, then supply a tampered certificate to a passive attacker. Successful exploitation would grant an attacker confidentiality gain but would not transpire without the specific DDNS update scenario."}}}}, "created": "2026-02-04T12:13:58.099989+00:00", "updated": "2026-04-18T00:30:25.716832+00:00", "vendors": ["asustor", "asustor$PRODUCT$adm"]}