Technical Advisories

Technical advisories identified by the 7E team.

CVE-2013-5668 Thecus Domain Administrator Password Disclosure

Advisory Information Title: Thecus NAS Server N8800 Firmware 5.03.01 Date published: August 2013 Ref: CVE-2013-5668 CWE-317 Advisory Summary The Domain Administrator Password within the ADS/NT Support page is disclosed due to clear text storage of sensitive information within the GUI. Vendor Thecus Affected Software NAS Server N8800 Firmware 5.03.01 Description of Issue The Domain Administrator […]

Read More

CVE-2013-5667 Thecus OS Command Injection

Advisory Information Title: Thecus NAS Server N8800 Firmware 5.03.01 get_userid OS Command Injection Date published: August 2013 Ref: CVE-2013-5667 CWE-78 Advisory Summary A lack of input validation allows an attacker to execute OS commands directly on the operating system. Vendor Thecus Affected Software NAS Server N8800 Firmware 5.03.01 Description of Issue The application accepts user […]

Read More