Lucene search

[email protected]CVE-2008-0804

HistoryFeb 19, 2008 - 12:00 a.m.

CVE-2008-0804

2008-02-1900:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-0804

php

remote code execution

thecus

n5200pro

nas server

vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.

Affected configurations

NVD

Node

thecusn5200pro_nas_server_control_panel

CPENameOperatorVersion
thecus:n5200pro_nas_server_control_panelthecus n5200pro nas server control paneleq*

CPE	Name	Operator	Version
thecus:n5200pro_nas_server_control_panel	thecus n5200pro nas server control panel	eq	*

References

secunia.com/advisories/29013

www.securityfocus.com/bid/27865

www.exploit-db.com/exploits/5150

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

Related for CVE-2008-0804

cvelist1 nvd1 prion1