漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
An improper certificate validation vulnerability was found in the FTP Backup on the ADM.
Vulnerability Description
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
ASUSTOR ADM 安全漏洞
Vulnerability Description
ASUSTOR ADM是中国华芸科技(ASUSTOR)公司的一种所有 ASUSTOR NAS 设备的专用操作系统。 ASUSTOR ADM 4.1.0版本至4.3.3.ROF1版本和5.0.0版本至5.1.2.RE51版本存在安全漏洞,该漏洞源于FTP备份功能未严格验证TLS证书,可能导致中间人攻击,从而拦截、修改或获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A