Thecus 4800Eco exists to contain a command injection vulnerability via the username parameter in /adm/setmain.php.
thecus n4800eco_firmware -