Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
Ayms Node-To Master: Unverified TLS Connections Possible
CVE-2025-70043
Summary
Ayms Node-To Master may not verify the identity of servers it connects to, potentially allowing a malicious server to impersonate a trusted one. This could lead to sensitive data being sent to an unauthorized server. To mitigate, update Ayms to a version that properly enables TLS/SSL certificate validation.
Original title
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false...
Original description
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options
nvd CVSS3.1
9.1
Vulnerability type
CWE-295
Improper Certificate Validation
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026