Arbitrary Command Execution Vulnerability in Thecus NAS Server N8800 Firmware 5.03.01

Arbitrary Command Execution Vulnerability in Thecus NAS Server N8800 Firmware 5.03.01

CVE-2013-5667 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

Learn more about our Cis Benchmark Audit For Server Software.