Unrated severityNVD Advisory· Published Feb 25, 2026· Updated Feb 27, 2026
An improper certificate validation vulnerability was found in the FTP Backup on the ADM.
CVE-2026-3100
Description
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- www.asustor.com/security/security_advisory_detailmitrevendor-advisory
News mentions
0No linked articles in our index yet.