← Back

Thecus

thecus

5 CVEs • 5 products

Products (5)

Click to collapse
Toggle
N8800 Nas Server Firmware
n8800_nas_server_firmware
3 CVEs
N8800 Nas Server
n8800_nas_server
3 CVEs
N5200pro Nas Server Control Panel
n5200pro_nas_server_control_panel
1 CVE
N4800eco Firmware
n4800eco_firmware
1 CVE
N4800eco
n4800eco
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-34111
1Thecus
1N4800eco Firmware
Nov 21, 2024
May 20, 2022
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php.
CVE-2013-5669
1Thecus
2N8800 Nas Server
N8800 Nas Server Firmware
Apr 29, 2026
Jan 24, 2014
N/A· v4
N/A· v3
7.8 HIGH· v2
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2013-5668
1Thecus
2N8800 Nas Server
N8800 Nas Server Firmware
Apr 29, 2026
Jan 24, 2014
N/A· v4
N/A· v3
7.8 HIGH· v2
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
CVE-2013-5667
1Thecus
2N8800 Nas Server
N8800 Nas Server Firmware
Apr 29, 2026
Jan 24, 2014
N/A· v4
N/A· v3
10.0 HIGH· v2
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
CVE-2008-0804
1Thecus
1N5200pro Nas Server Control Panel
Apr 23, 2026
Feb 19, 2008
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.