Vulnerability Note VU#105686
Thecus NAS Server N8800 contains multiple vulnerabilities
Thecus NAS server N8800 with firmware version 5.03.01, and possibly earlier versions, contains multiple vulnerabilities.
The 7 Elements advisory states that the Thecus NAS server N8800 device contains the following vulnerabilities:
CVE-2013-5667 - Thecus NAS Server N8800 Firmware 5.03.01 get_userid OS Command Injection
An attacker may be able to execute arbitrary system commands, steal the Domain Administrator credentials, or sniff administrative passwords.
Apply an Update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Thecus Tech||Affected||27 Nov 2013||23 Jan 2014|
CVSS Metrics (Learn More)
Thanks to David Stubley for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2013-5667 CVE-2013-5668 CVE-2013-5669
- Date Public: 23 Jan 2014
- Date First Published: 23 Jan 2014
- Date Last Updated: 10 Feb 2014
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.