Nuke

**Name of the Vulnerable Software and Affected Versions** ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1 ASUSTOR ADM versions 5.0.0 through 5.1.2.RE51 **Description** The FTP Backup feature does not properly validate TLS certificates when connecting to an FTP server using FTPES/FTPS. This improper validation allows a remote attacker to potentially intercept network traffic, enabling a Man-in-the-Middle (MitM) attack. Such an attack could lead to the interception, modification, or acquisition of sensitive information, including authentication credentials and backup data. **Recommendations** Update ASUSTOR ADM to a version later than 5.1.2.RE51. Update ASUSTOR ADM to a version later than 4.3.3.ROF1.

**Name of the Vulnerable Software and Affected Versions** ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1 ASUSTOR ADM versions 5.0.0 through 5.1.2.RE51 **Description** A path traversal issue exists in the FTP Backup feature of ASUSTOR ADM. The software does not adequately sanitize filenames received from an FTP server when processing directory listings. This allows a malicious server or a man-in-the-middle attacker to create filenames with path traversal sequences, potentially enabling them to write files outside the intended backup directory. Successful exploitation of this issue could lead to arbitrary file overwrites, privilege escalation, or remote code execution. **Recommendations** Update ASUSTOR ADM to a version later than 5.1.2.RE51. Update ASUSTOR ADM to a version later than 4.3.3.ROF1.

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.ROF1 ADM versions 5.0.0 through 5.1.1.RCI1 **Description** A third-party NAT traversal module does not properly validate SSL/TLS certificates when establishing a connection to the signaling server. This could allow a Man-in-the-Middle (MitM) attacker to intercept or redirect the NAT tunnel establishment, potentially disrupting service availability or enabling further attacks by acting as a proxy between the user and device services. **Recommendations** Update ADM to a version later than 4.3.3.ROF1 Update ADM to a version later than 5.1.1.RCI1

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.ROF1 ADM versions 5.0.0 through 5.1.1.RCI1 **Description** The API communication component does not properly validate SSL/TLS certificates when sending HTTPS requests to the server. This improper certificate validation allows a remote attacker to perform a Man-in-the-Middle (MitM) attack, potentially intercepting cleartext communication and exposing sensitive user information. This information may include account emails, MD5 hashed passwords, and device serial numbers. **Recommendations** Update ADM to a version later than 4.3.3.ROF1. Update ADM to a version later than 5.1.1.RCI1.

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.ROF1 ADM versions 5.0.0 through 5.1.1.RCI1 **Description** The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. This allows an unauthenticated remote attacker to perform a Man-in-the-Middle (MitM) attack to spoof the response, leading the device to update its DDNS record with an incorrect IP address. **Recommendations** Update ADM to a version later than 4.3.3.ROF1. Update ADM to a version later than 5.1.1.RCI1.

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.ROF1 ADM versions 5.0.0 through 5.1.1.RCI1 **Description** The DDNS update function does not properly validate the hostname of the DDNS server’s TLS/SSL certificate. Despite using HTTPS, improper validation allows a remote attacker to intercept communication, potentially performing a Man-in-the-Middle (MitM) attack. This could lead to the compromise of sensitive information during the DDNS updating process, including the user’s account email, MD5 hashed password, and device serial number. **Recommendations** Update ADM to a version later than 4.3.3.ROF1 Update ADM to a version later than 5.1.1.RCI1

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.RKD2 ADM versions 5.0.0 through 5.1.0.RN42 **Description** A weakness exists where a non-enforced TLS certificate verification can allow an attacker intercepting network traffic to perform a man-in-the-middle (MITM) attack. This could lead to the compromise of sensitive information related to the UPS server configuration when a user configures the NAS to retrieve UPS status or control the UPS. **Recommendations** Update ADM to a version later than 4.3.3.RKD2. Update ADM to a version later than 5.1.0.RN42.

**Name of the Vulnerable Software and Affected Versions** ADM versions 4.1.0 through 4.3.3.RKD2 ADM versions 5.0.0 through 5.1.0.RN42 **Description** An improperly validated TLS/SSL certificate when sending emails to an SMTP server via msmtp allows an attacker intercepting network traffic to execute a man-in-the-middle (MITM) attack, potentially obtaining sensitive SMTP information. The attack occurs when a user configures notifications to send emails. **Recommendations** Update ADM to a version later than 4.3.3.RKD2 Update ADM to a version later than 5.1.0.RN42