VYPR
Unrated severityNVD Advisory· Published Aug 25, 2014· Updated Jun 17, 2026

CVE-2014-5457

CVE-2014-5457

Description

QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:h:qnap:ss-839:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qnap:ts-459u:-:*:*:*:*:*:*:*
  • Qnap/Ts 469u2 versions
    cpe:2.3:h:qnap:ts-469u:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:qnap:ts-469u:-:*:*:*:*:*:*:*
    • (no CPE)range: = 4.0.7 Build 20140410
  • cpe:2.3:h:qnap:ts-ec1679u-rp:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:qnap:ts-ec1679u-rp:-:*:*:*:*:*:*:*
    • cpe:2.3:o:qnap:ts-ec1679u-rp_firmware:4.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:qnap:ss-839_firmware:4.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:qnap:ts-459u_firmware:4.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:qnap:ts-469u_firmware:4.0.7:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.