CyberSec.Space Logo
Back to CVE Browser

CVE-2013-5667

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1900%
EPSS Percentile30.36th
PublishedJan 24, 2014
Last ModifiedApr 29, 2026

Vulnerability Description

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

Affected Platforms (CPE)

πŸ’»
Thecus

N8800 Nas Server Firmware

= 5.03.01
πŸ”Œ
Thecus

N8800 Nas Server

All versions

References & Advisories

πŸ”— http://www.7elements.co.uk/news/cve-2013-5667/
πŸ”— http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
πŸ”— http://www.kb.cert.org/vuls/id/105686
πŸ”— http://www.7elements.co.uk/news/cve-2013-5667/
πŸ”— http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
πŸ”— http://www.kb.cert.org/vuls/id/105686

Related Vulnerabilities

CVE-2013-56687.8

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator...

CVE-2013-56697.8

The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remot...

CVE-2013-273310.0

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to exec...

CVE-2013-136910.0

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x befo...