← back
CVE-2014-5457

CVE-2014-5457

EPSS 0.3%
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2014/Jul/57http://seclists.org/fulldisclosure/2014/Jul/58http://seclists.org/fulldisclosure/2014/Jul/59http://seclists.org/fulldisclosure/2014/Jul/61