PT-2014-2944 · Thecus · Thecus Nas Server N8800
David Stubley
·
Publicado
2014-01-24
·
Atualizado
2014-01-24
·
CVE-2013-5669
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Thecus NAS server N8800 version 5.03.01
Description
The issue concerns the use of cleartext credentials for administrative authentication. This allows remote attackers to obtain sensitive information by sniffing the network.
Recommendations
For Thecus NAS server N8800 version 5.03.01, consider updating the firmware to a version that uses encrypted credentials for administrative authentication. As a temporary workaround, restrict access to the administrative interface to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Thecus Nas Server N8800