CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13053

When a user configures the NAS to retrieve UPS status or control the UPS, a non-enforced TLS certificate verification can allow an attacker able to intercept network traffic between the client and server can perform a man-in-the-middle (MITM) attack, which may obtain the sensitive information of the UPS server configuation. This issue affects ADM: from 4.1.0 through 4.3.3.RKD2, from 5.0.0 through 5.1.0.RN42.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.2%

CVSS Severity

CVSS v3 Score 3.7

References

https://www.asustor.com/security/security_advisory_detail?id=49

Products affected by CVE-2025-13053

Asustor » Data Master » Version: 4.1.0.rhu2

cpe:2.3:o:asustor:data_master:4.1.0.rhu2
Asustor » Data Master » Version: 4.1.0.rj72

cpe:2.3:o:asustor:data_master:4.1.0.rj72
Asustor » Data Master » Version: 4.1.0.rjd1

cpe:2.3:o:asustor:data_master:4.1.0.rjd1
Asustor » Data Master » Version: 4.1.0.rkm1

cpe:2.3:o:asustor:data_master:4.1.0.rkm1
Asustor » Data Master » Version: 4.1.0.rlq1

cpe:2.3:o:asustor:data_master:4.1.0.rlq1
Asustor » Data Master » Version: 4.2.0.rc81

cpe:2.3:o:asustor:data_master:4.2.0.rc81
Asustor » Data Master » Version: 4.2.0.re71

cpe:2.3:o:asustor:data_master:4.2.0.re71
Asustor » Data Master » Version: 4.2.1.rge2

cpe:2.3:o:asustor:data_master:4.2.1.rge2
Asustor » Data Master » Version: 4.2.2.ri61

cpe:2.3:o:asustor:data_master:4.2.2.ri61
Asustor » Data Master » Version: 4.2.3.rk91

cpe:2.3:o:asustor:data_master:4.2.3.rk91
Asustor » Data Master » Version: 4.2.4.rl82

cpe:2.3:o:asustor:data_master:4.2.4.rl82
Asustor » Data Master » Version: 4.2.5.rn33

cpe:2.3:o:asustor:data_master:4.2.5.rn33
Asustor » Data Master » Version: 4.2.6.ror2

cpe:2.3:o:asustor:data_master:4.2.6.ror2
Asustor » Data Master » Version: 4.2.6.rpi1

cpe:2.3:o:asustor:data_master:4.2.6.rpi1
Asustor » Data Master » Version: 4.2.7.rr41

cpe:2.3:o:asustor:data_master:4.2.7.rr41
Asustor » Data Master » Version: 4.2.7.rrd1

cpe:2.3:o:asustor:data_master:4.2.7.rrd1
Asustor » Data Master » Version: 4.3.0.rsb1

cpe:2.3:o:asustor:data_master:4.3.0.rsb1
Asustor » Data Master » Version: 4.3.1.r6c1

cpe:2.3:o:asustor:data_master:4.3.1.r6c1
Asustor » Data Master » Version: 4.3.1.r752

cpe:2.3:o:asustor:data_master:4.3.1.r752
Asustor » Data Master » Version: 4.3.2.r9q2

cpe:2.3:o:asustor:data_master:4.3.2.r9q2
Asustor » Data Master » Version: 4.3.3.rc92

cpe:2.3:o:asustor:data_master:4.3.3.rc92
Asustor » Data Master » Version: 4.3.3.rfk1

cpe:2.3:o:asustor:data_master:4.3.3.rfk1
Asustor » Data Master » Version: 4.3.3.rh61

cpe:2.3:o:asustor:data_master:4.3.3.rh61
Asustor » Data Master » Version: 4.3.3.rjh1

cpe:2.3:o:asustor:data_master:4.3.3.rjh1
Asustor » Data Master » Version: 4.3.3.rjl1

cpe:2.3:o:asustor:data_master:4.3.3.rjl1
Asustor » Data Master » Version: 4.3.3.rkd2

cpe:2.3:o:asustor:data_master:4.3.3.rkd2
Asustor » Data Master » Version: 5.0.0.ra82

cpe:2.3:o:asustor:data_master:5.0.0.ra82
Asustor » Data Master » Version: 5.0.0.rcg1

cpe:2.3:o:asustor:data_master:5.0.0.rcg1
Asustor » Data Master » Version: 5.0.0.reo2

cpe:2.3:o:asustor:data_master:5.0.0.reo2
Asustor » Data Master » Version: 5.0.0.rfp3

cpe:2.3:o:asustor:data_master:5.0.0.rfp3
Asustor » Data Master » Version: 5.0.0.rhn2

cpe:2.3:o:asustor:data_master:5.0.0.rhn2
Asustor » Data Master » Version: 5.0.0.rin1

cpe:2.3:o:asustor:data_master:5.0.0.rin1
Asustor » Data Master » Version: 5.0.0.rjg2

cpe:2.3:o:asustor:data_master:5.0.0.rjg2
Asustor » Data Master » Version: 5.0.0.rjl1

cpe:2.3:o:asustor:data_master:5.0.0.rjl1
Asustor » Data Master » Version: 5.0.1.rkd2

cpe:2.3:o:asustor:data_master:5.0.1.rkd2
Asustor » Data Master » Version: 5.1.0.rmm1

cpe:2.3:o:asustor:data_master:5.1.0.rmm1
Asustor » Data Master » Version: 5.1.0.rn42

cpe:2.3:o:asustor:data_master:5.1.0.rn42

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13053

Products

Pricing

Contact Us