CVE-2020-15568 in TerraMaster TOS
要約
〜によって MITRE • 2021年01月30日
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.