Filtered by vendor Thecus
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34111 | 1 Thecus | 2 N4800eco, N4800eco Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. | |||||
| CVE-2013-5667 | 1 Thecus | 2 N8800 Nas Server, N8800 Nas Server Firmware | 2024-02-28 | 10.0 HIGH | N/A |
| The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter. | |||||
| CVE-2013-5668 | 1 Thecus | 2 N8800 Nas Server, N8800 Nas Server Firmware | 2024-02-28 | 7.8 HIGH | N/A |
| The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content. | |||||
| CVE-2013-5669 | 1 Thecus | 2 N8800 Nas Server, N8800 Nas Server Firmware | 2024-02-28 | 7.8 HIGH | N/A |
| The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2008-0804 | 1 Thecus | 1 N5200pro Nas Server Control Panel | 2024-02-28 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter. | |||||