CVE-2013-5668 - The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers

CVE Details

CVE-2013-5668

Summary

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.

References

Vulnerable Configurations

cpe:2.3:o:thecus:n8800_nas_server_firmware:5.03.01:*:*:*:*:*:*:*
cpe:2.3:o:thecus:n8800_nas_server_firmware:5.03.01:*:*:*:*:*:*:*
cpe:2.3:h:thecus:n8800_nas_server:-:*:*:*:*:*:*:*
cpe:2.3:h:thecus:n8800_nas_server:-:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 24-01-2014 - 16:25)
Impact:	6.9
Exploitability:	10.0

CWE

CWE-255

CAPEC

Click the CAPEC title to display a description

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:N/A:N

refmap via4

cert-vn	VU#105686
misc	http://www.7elements.co.uk/news/cve-2013-5668/ http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/

Last major update

24-01-2014 - 16:25

Published

24-01-2014 - 04:38

Last modified

24-01-2014 - 16:25