CVE-2021-47816

HIGH

Thecus N4800Eco - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47816. PoCs published by Metin Yunus Kandemir.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in the Thecus N4800Eco NAS Server Control Panel by injecting commands through the 'username' parameter in the user deletion and batch creation functions. It authenticates, executes arbitrary commands, and reads system logs to confirm execution.

Description

Thecus N4800Eco NAS Server Control Panel contains a command injection vulnerability that allows authenticated attackers to execute arbitrary system commands through user management endpoints. Attackers can inject commands via username and batch user creation parameters to execute shell commands with administrative privileges.

Exploits (1)

exploitdb WORKING POC
by Metin Yunus Kandemir · python · webapps · hardware
https://www.exploit-db.com/exploits/49926

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Thecus N4800Eco NAS Server Control Panel
Auth required
Prerequisites: Network access to the target · Valid credentials for authentication
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/49926
Various Sources product
http://www.thecus.com/

Scores

CVSS v3 8.8
EPSS 0.0163
EPSS Percentile 73.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Published Jan 16, 2026
Tracked Since Feb 18, 2026