CVE-2020-15568 in TerraMaster TOSinformation

Résumé

par MITRE • 30/01/2021

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

06/07/2020

Divulgation

30/01/2021

Modérer

accepté

Entrée

VDB-168923

CPE

prêt

EPSS

0.28495

KEV

non

Activités

très faible

Sources

Do you need the next level of professionalism?

Upgrade your account now!