CVE-2008-7081

RaidSonic ICY BOX NAS 2.3.2.IB.2.RS.1 - Unauthenticated Authentication Bypass via login Parameter

Title source: llm
STIX 2.1

Description

userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32500
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46968

Scores

EPSS 0.0224
EPSS Percentile 80.6%

Details

CWE
CWE-287
Status published
Products (1)
raidsonic/icy_box_nas 2.3.2.ib.2.rs.1
Published Aug 25, 2009
Tracked Since Feb 18, 2026