Back to search
CVE-2025-13052
Published: Dec 12, 2025
Modified: Dec 12, 2025
PUBLISHED
Description
When the user set the Notification's sender to send emails to the SMTP server via msmtp, an improper validated TLS/SSL certificates allows an attacker who can intercept network traffic between the SMTP client and server to execute a man-in-the-middle (MITM) attack, which may obtain the sensitive information of the SMTP. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.RKD2 as well as from ADM 5.0.0 through ADM 5.1.0.RN42.
| Vendor | Product | Versions |
|---|---|---|
ASUSTOR | ADM | affected 4.1.0 - <= 4.3.3.RKD2affected 5.0.0 - <= 5.1.0.RN42 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now