3 matches found
Thecus NAS Server N8800 get_userid OS命令注入漏洞
CVECAN ID: CVE-2013-5667 Thecus NAS server N8800是一款网络接入服务器设备。 Thecus NAS server N8800(固件版本5.03.01)在实现上存在安全漏洞,远程攻击者通过用户名参数内包含元字符的getuserid操作,利用此漏洞可执行任意命令。 0 thecus NAS Server N8800 5.03.01 厂商补丁: thecus ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.thecus.com/...
CVE-2013-5667
The CVE-2013-5667 issue affects Thecus NAS server N8800 with firmware 5.03.01, where a get_userid action accepts a username containing shell metacharacters, enabling remote command execution. The vulnerability is triggered via user input parsed by the OS shell, allowing arbitrary commands to be r...
Thecus NAS Server N8800 contains multiple vulnerabilities
Overview Thecus NAS server N8800 with firmware version 5.03.01, and possibly earlier versions, contains multiple vulnerabilities. Description The 7 Elements advisory states that the Thecus NAS server N8800 device contains the following vulnerabilities:CVE-2013-5667 - Thecus NAS Server N8800...