CVE Reference: CVE-2013-5667

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-5667

Description:
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

CVE Status:
Candidate

References:

MISC
  http://www.7elements.co.uk/news/cve-2013-5667/
  http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/

CERT-VN
  105686


Return to the previous page.