Thecus Releases Bash Vulnerability Patch

Well, that took long enough. Thecus today released a Bash patch for both Thecus OS5 and OS6 users. It is strongly recommended that all users update their NAS with this latest firmware.

The patch will fix the GNU Bash Environment Variable Command Injection Vulnerability, also referred to as Shellshock (CVE-2014-6271, CVE-2014-7169, CVE-2014-7187, and CVE-2014-71861), which allows unauthorized users access to remote Unix/Linux-based systems.

For ThecusOS 6, users can download the OS6 Bash offline patch V1.0. The patch is applicable for the following units:

N2310, N4310
N2520, N2560, N4520, N4560

For ThecusOS 5 x64, users can update their firmware to v2.05.06 to apply the Bash patch. This firmware is applicable to the following units:

N16000 series / N12000 series / N8900 series
N10850 / N8850 / N6850
N8810 series / N7710 series
N8800PRO v2 / N7700 PRO v2
N7510 / N5550 / N4800 series / N4510U series / N2800

For ThecusOS 5 x86, users can update their firmware to v5.03.02.8 to apply the Bash patch. This firmware is applicable to the following units:

Thecus XXX series / 1U4600 / N0503 / N4200 series / N5500
N7700 / N7700SAS / N7700+ / N7700PRO
N8800 / N8800SAS / N8800+ / N8800PRO
N4100PRO

Printed from: https://www.guru3d.com/story/thecus-releases-bash-vulnerability-patch/