Post by fajo on Aug 19, 2009 20:03:29 GMT 7
Today I opened 3 new vulnerability tickets with Thecus on the N0204 (FW 1.x).
I was able to identify at least 3 scripts that are part of the WebUI that allow remote file or system access to the NAS without proper authorization/authentiation.
Beside these 3 new vulnerabilities an existing one (KKM-798736 - RFI vulnerability in usr/usrgetform.html) applies to this model too.
I recommend to not allow remote access (http/https) to the NAS from untrusted networks (e.g. Internet).
I do not expect these to be fixed within the next couple of months (if ever) - KKM-798736 has been opened on Feb 26th 2008 and affects most models and has not been fixed yet ....
/Falk
I was able to identify at least 3 scripts that are part of the WebUI that allow remote file or system access to the NAS without proper authorization/authentiation.
- LWD-156431 - Remote unauthorized privileged file access in /img/htdocs/adm/usbcopy.php
- LNX-132567 - Remote unauthorized privileged access in /img/htdocs/adm/login.html
- BDL-155821 - Remote unauthorized privileged access in /img/htdocs/adm/usblusage.php
Beside these 3 new vulnerabilities an existing one (KKM-798736 - RFI vulnerability in usr/usrgetform.html) applies to this model too.
I recommend to not allow remote access (http/https) to the NAS from untrusted networks (e.g. Internet).
I do not expect these to be fixed within the next couple of months (if ever) - KKM-798736 has been opened on Feb 26th 2008 and affects most models and has not been fixed yet ....
/Falk
