TLS/SSL Certificate Validation Vulnerability in Asustor ADM Software
CVE-2025-13052

7HIGH

Key Information:

Vendor: Asustor
Status: Adm
Vendor: CVE Published:; 12 December 2025

What is CVE-2025-13052?

A vulnerability in Asustor's ADM software arises from inadequate validation of TLS/SSL certificates when configuring email notifications via the msmtp email client. This flaw could enable an attacker with access to intercept network traffic between the SMTP client and server, facilitating a man-in-the-middle (MITM) attack. Such an attack could expose sensitive information transmitted during email communications, posing significant security risks to users relying on secure SMTP transactions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ADM Linux 4.1.0 <= 4.3.3.RKD2

ADM Linux 5.0.0 <= 5.1.0.RN42

References

https://www.asustor.com/security/security_advisory_detail...

vendor-advisory

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Nov 12, 2025

Credit

Nuke

JSON

Asustor

What is CVE-2025-13052?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.