Unrated severityNVD Advisory· Published Aug 25, 2014· Updated May 6, 2026

CVE-2014-5457

Description

QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.

Affected products

Qnap/Ts 469u Firmware
cpe:2.3:o:qnap:ts-469u_firmware:4.0.7:*:*:*:*:*:*:*
Qnap/Ts 469u
cpe:2.3:h:qnap:ts-469u:-:*:*:*:*:*:*:*
Qnap/Ts Ec1679u Rp Firmware
cpe:2.3:o:qnap:ts-ec1679u-rp_firmware:4.0.7:*:*:*:*:*:*:*
Qnap/Ts Ec1679u Rp
cpe:2.3:h:qnap:ts-ec1679u-rp:-:*:*:*:*:*:*:*
Qnap/Ts 459u Firmware
cpe:2.3:o:qnap:ts-459u_firmware:4.0.7:*:*:*:*:*:*:*
Qnap/Ts 459u
cpe:2.3:h:qnap:ts-459u:-:*:*:*:*:*:*:*
Qnap/Ss 839 Firmware
cpe:2.3:o:qnap:ss-839_firmware:4.0.7:*:*:*:*:*:*:*
Qnap/Ss 839
cpe:2.3:h:qnap:ss-839:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000