Over the past couple of months, ISE labs has been conducting a research project on the security of embedded devices. Our research focused on identifying vulnerabilities in network-accessible services. The end goal was to identify weaponizable vulnerabilities, or vulnerabilities that a remote attacker can exploit either to further their access within the network of the compromised device or to use the individual device as a node in some kind of attack. This blog post discusses the methods we used to identify vulnerabilities in the Buffalo TeraStation TS5600D1206 running firmware 3.61–0.08. We discuss how we found an authentication bypass that allows us to exploit a second-order command injection remotely.