CVE-2020-28185 in TerraMaster TOSinfo

Summary

by MITRE • 12/25/2020

User Enumeration vulnerability in TerraMaster TOS &lt;= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Disclosure

12/25/2020

Moderation

accepted

Entry

VDB-166788

CPE

ready

CWE

CWE-200 (confirmed)

CVSS

5.3 (VulDB)

EPSS

0.18066

KEV

Activities

very low

Sector

Education, Telecommunication, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-28185
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-28185
CVE Details	https://www.cvedetails.com/cve/CVE-2020-28185/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!