CVE-2026-3100
Received Received - Intake
Improper Certificate Validation in ASUSTOR ADM FTP Enables Sniffing

Publication date: 2026-02-25

Last updated on: 2026-02-26

Assigner: ASUSTOR, Inc.

Description
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3100
EUVD
EUVD-2026-8516
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
asustor data_master From 4.1.0.rhu2 (inc) to 4.3.3.rof1 (inc)
asustor data_master From 5.0.0.ra82 (inc) to 5.1.2.reo1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3100 is a vulnerability in the FTP Backup feature of ASUSTOR Data Master (ADM) versions 4.1.0 through 4.3.3.ROF1 and 5.0.0 through 5.1.2.RE51. It is caused by improper enforcement of TLS certificate validation when connecting to FTP servers using FTPES/FTPS.

This flaw allows a remote attacker to perform a Man-in-the-Middle (MitM) attack by intercepting and potentially modifying network traffic. As a result, the attacker can gain access to sensitive information such as authentication credentials and backup data.

Impact Analysis

The vulnerability can lead to a Man-in-the-Middle attack where an attacker intercepts and modifies network traffic between the ADM FTP Backup client and the FTP server.

This can result in exposure of sensitive information including authentication credentials and backup data, potentially compromising the confidentiality and integrity of your backups.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves improper TLS certificate validation in the FTP Backup feature of ASUSTOR ADM, which can be exploited via Man-in-the-Middle (MitM) attacks on FTPES/FTPS connections.

To detect this vulnerability on your network or system, you can monitor FTPES/FTPS traffic for unusual or suspicious TLS certificate behavior, such as self-signed or invalid certificates during FTP backup sessions.

Specific commands are not provided in the available resources, but general approaches include:

  • Using network packet capture tools like Wireshark or tcpdump to inspect FTPES/FTPS handshake and certificate exchanges.
  • Checking the version of ASUSTOR ADM installed to see if it falls within the vulnerable ranges (4.1.0 through 4.3.3.ROF1 and 5.0.0 through 5.1.2.RE51).
  • Reviewing system logs for FTP backup connection errors or warnings related to TLS certificate validation.
Mitigation Strategies

The primary mitigation step is to upgrade ASUSTOR ADM to version 5.1.2.REO1 or later, where this vulnerability has been fixed.

Until the upgrade can be performed, consider disabling the FTP Backup feature or avoiding the use of FTPES/FTPS connections for backups to prevent exposure to Man-in-the-Middle attacks.

Additionally, monitor network traffic for suspicious activity and ensure that TLS certificates used in FTP connections are valid and properly verified.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3100. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart