Advisory Information
Title: Thecus NAS Server Domain Administrator Password Disclosure
Date published: 13 January 2014
Reference: CVE-2013-5668
Advisory Summary
The Domain Administrator Password within the ADS/NT Support page is disclosed due to clear text storage of sensitive information within the GUI.
Vendor
Thecus <http://www.thecus.com/>
Affected Software
Thecus NAS Server N8800 Firmware 5.03.01
Description of Issue
The Domain Administrator Password within the ADS/NT Support page is disclosed due to clear text storage of sensitive information within the GUI. Any user who has access to this page is able to retrieve the ADS/NT administrator ID and password. This could enable an attacker to gain access to the domain hosting the storage server.
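The pattern behind this class of bug, as an added illustration that is not Thecus code: a settings page that pre-fills the stored domain password into the form discloses it to anyone who can load the page, whereas a hardened handler never sends the secret back and treats an empty password field as "unchanged". All field names and values below are constructed assumptions.

```python
import html
from typing import Dict

# Constructed sample of the ADS/NT settings a NAS keeps (names are assumptions).
ADS_SETTINGS: Dict[str, str] = {
    "workgroup": "CORP",
    "ads_realm": "corp.example",
    "admin_id": "Administrator",
    "admin_password": "S3cretDomainPw!",  # held in clear text on the appliance
}

def render_ads_form_vulnerable(settings: Dict[str, str]) -> str:
    """Pre-fills every field, password included, into the HTML.
    Anyone who can view the page (or its source) reads the secret."""
    rows = []
    for name, value in settings.items():
        kind = "password" if "password" in name else "text"
        rows.append(f'<input type="{kind}" name="{name}" value="{html.escape(value)}">')
    return "<form>" + "".join(rows) + "</form>"

def render_ads_form_fixed(settings: Dict[str, str]) -> str:
    """Never echoes the stored secret: the password field is sent empty."""
    rows = []
    for name, value in settings.items():
        if "password" in name:
            rows.append(f'<input type="password" name="{name}" value="" placeholder="(unchanged)">')
        else:
            rows.append(f'<input type="text" name="{name}" value="{html.escape(value)}">')
    return "<form>" + "".join(rows) + "</form>"

def apply_update(settings: Dict[str, str], posted: Dict[str, str]) -> Dict[str, str]:
    """Server side of the fixed form: an empty password field means
    'keep the current secret', so the page never has to carry it."""
    updated = dict(settings)
    for name, value in posted.items():
        if "password" in name and value == "":
            continue  # unchanged; do not overwrite with an empty string
        updated[name] = value
    return updated

def page_leaks_secret(page: str, secret: str) -> bool:
    """Defender-side check on a rendered settings page: is the stored
    secret present in the HTML body, raw or HTML-escaped?"""
    return secret in page or html.escape(secret) in page
```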
PoC
Attackers can use a browser to exploit this issue.
Fix
ThecusOS 5 (32 bit):
http://www.thecus.com/Downloads/beta/FW/Thecus_NAS_FW_beta_5.03.02.4.rom
ThecusOS 5 (64 bit):
http://www.thecus.com/Downloads/beta/FW/64_V2.04.05_build7464_FW_N2800_N4510U_N4800_N5550_N7510.rom
http://www.thecus.com/Downloads/beta/FW/64_V2.04.05_build7464_FW_N7700PROV2_N8800PROV2.rom