Vendor

Thecus

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2008-0804	0.03	—	0.04	Feb 19, 2008	PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.
CVE-2013-5669	0.00	—	0.02	Jan 24, 2014	The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2013-5668	0.00	—	0.01	Jan 24, 2014	The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
CVE-2013-5667	0.00	—	0.03	Jan 24, 2014	The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

CVE-2008-0804Feb 19, 2008
risk 0.03cvss —epss 0.04
PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.
CVE-2013-5669Jan 24, 2014
risk 0.00cvss —epss 0.02
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2013-5668Jan 24, 2014
risk 0.00cvss —epss 0.01
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
CVE-2013-5667Jan 24, 2014
risk 0.00cvss —epss 0.03
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.