CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-5334

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile34.24th
Published2018年1月8日
Last Modified2024年11月21日

Vulnerability Description

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

Affected Platforms (CPE)

📦
Freenas

Freenas

<= 9.2.1.7
📦
Freenas

Freenas

= 9.3
📦
Freenas

Freenas

= 9.3
📦
Freenas

Freenas

= 9.3

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2014/08/19/2
🔗 http://www.securityfocus.com/bid/69249
🔗 https://bugs.freenas.org/issues/5844
🔗 http://www.openwall.com/lists/oss-security/2014/08/19/2
🔗 http://www.securityfocus.com/bid/69249
🔗 https://bugs.freenas.org/issues/5844

関連する脆弱性情報

CVE-2020-116507.5

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of serv...

CVE-2009-27384.3

Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authe...

CVE-2009-27394.3

Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML v...

CVE-2010-20059

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The exec_raw.php...