CVE-2026-3100NVD

Vulnerability Summary

Improper Certificate Validation vulnerability in ASUSTOR ADM FTP Backup on Linux, x86, ARM, 64 bit allows Sniffing Attacks.This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1.2.RE51.

Severity Level

HIGH(8.3)

Published Date

Feb 25, 2026

Last Modified

Feb 25, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.05%Probability

Root Weakness (CWE)

CWE-295: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

External References

https://www.asustor.com/security/security_advisory_detail?id=53

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-3100NVD

Vulnerability Summary

External References