Vulnerabilities > CVE-2013-5669 - Credentials Management vulnerability in Thecus N8800 NAS Server and N8800 NAS Server Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
Seebug
bulletinFamily | exploit |
description | CVE(CAN) ID: CVE-2013-5669 Thecus NAS server N8800是一款网络接入服务器设备。 Thecus NAS server N8800(固件版本5.03.01)对管理员身份验证使用了纯文本的凭证,这可使远程攻击者通过嗅探网络获取敏感信息。 0 thecus NAS Server N8800 5.03.01 厂商补丁: thecus ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.thecus.com/ http://www.7elements.co.uk/news/cve-2013-5669 http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/ |
id | SSV:61396 |
last seen | 2017-11-19 |
modified | 2014-02-10 |
published | 2014-02-10 |
reporter | Root |
title | Thecus NAS Server N8800信息泄露漏洞 |