CVE-2026-24933 – An improper certificate validation vulnerability was found in ADM while sending HTTPS requests to the server.

CVE ID : CVE-2026-24933

Published : Feb. 3, 2026, 2:22 a.m. | 55 minutes ago

Description : The API communication component fails to validate the SSL/TLS certificate when sending HTTPS requests to the server. An improper certificates validation vulnerability allows an unauthenticated remote attacker can perform a Man-in-the-Middle (MitM) attack to intercept the cleartext communication, potentially leading to the exposure of sensitive user information, including account emails, MD5 hashed passwords, and device serial numbers.

Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.1.RCI1.

Severity: 8.9 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-13522 – Investintech SlimPDFReader PDF File SlimPDFReader.exe TeighaDo+0x25cde0 out-of-bounds

CVE-2026-13521 – SourceCodester Class and Exam Timetabling System preview5.php sql injection

CVE-2026-13520 – itsourcecode Hospital Management System Appointment appointmentapproval.php sql injection

CVE-2026-13519 – Tenda JD12L NatStaticSetting fromNatStaticSetting stack-based overflow