Vulnerability Details CVE-2013-5667
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://www.7elements.co.uk/news/cve-2013-5667/
- http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
- http://www.kb.cert.org/vuls/id/105686
- http://www.7elements.co.uk/news/cve-2013-5667/
- http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/
- http://www.kb.cert.org/vuls/id/105686
Products affected by CVE-2013-5667
-
cpe:2.3:h:thecus:n8800_nas_server:-
-
cpe:2.3:o:thecus:n8800_nas_server_firmware:5.03.01