Vulnerabilities > CVE-2013-5668 - Credentials Management vulnerability in Thecus N8800 NAS Server and N8800 NAS Server Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
Seebug
bulletinFamily | exploit |
description | CVE(CAN) ID: CVE-2013-5668 Thecus NAS server N8800是一款网络接入服务器设备。 Thecus NAS server N8800(固件版本5.03.01)的ADS/NT Support页面上在实现上存在安全漏洞,远程攻击者通过读取该页的纯文本内容,利用此漏洞可获取管理员凭证。 0 thecus NAS Server N8800 5.03.01 厂商补丁: thecus ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.thecus.com/ http://www.7elements.co.uk/news/cve-2013-5668 http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/ |
id | SSV:61395 |
last seen | 2017-11-19 |
modified | 2014-02-10 |
published | 2014-02-10 |
reporter | Root |
title | Thecus NAS Server N8800 ADS/NT Support凭证泄露漏洞 |