CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2013-5667

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1900%
EPSS Percentile30.36th
Published2014年1月24日
Last Modified2026年4月29日

Vulnerability Description

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

Affected Platforms (CPE)

💻
Thecus

N8800 Nas Server Firmware

= 5.03.01
🔌
Thecus

N8800 Nas Server

All versions

References & Advisories

🔗 http://www.7elements.co.uk/news/cve-2013-5667/
🔗 http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
🔗 http://www.kb.cert.org/vuls/id/105686
🔗 http://www.7elements.co.uk/news/cve-2013-5667/
🔗 http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
🔗 http://www.kb.cert.org/vuls/id/105686

相關漏洞威脅

CVE-2013-56687.8

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator...

CVE-2013-56697.8

The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remot...

CVE-2013-007310.0

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict ...

CVE-2013-136810.0

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x befo...