Tos
by Terra Master
CVEs (39)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-28188 | Cri | 0.74 | 9.8 | 0.97 | Dec 24, 2020 | Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter. | ||
| CVE-2020-35665 | Cri | 0.73 | 9.8 | 0.78 | Dec 23, 2020 | An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation. | ||
| CVE-2021-45837 | Cri | 0.68 | 9.8 | 0.16 | Apr 25, 2022 | It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. | ||
| CVE-2020-15568 | Cri | 0.66 | 9.8 | 0.28 | Jan 30, 2021 | TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the… | ||
| CVE-2018-13354 | Cri | 0.66 | 9.8 | 0.23 | Nov 27, 2018 | System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter. | ||
| CVE-2020-28187 | Cri | 0.65 | 9.8 | 0.16 | Dec 24, 2020 | Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php,… | ||
| CVE-2018-13350 | Cri | 0.65 | 9.8 | 0.17 | Nov 27, 2018 | SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter. | ||
| CVE-2018-13338 | Cri | 0.65 | 9.8 | 0.10 | Nov 27, 2018 | System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation. | ||
| CVE-2021-45840 | Cri | 0.64 | 9.8 | 0.04 | Apr 25, 2022 | It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop. | ||
| CVE-2018-13336 | Cri | 0.64 | 9.8 | 0.09 | Nov 27, 2018 | System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation. | ||
| CVE-2018-13359 | Hig | 0.59 | 8.8 | 0.20 | Nov 27, 2018 | Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter. | ||
| CVE-2018-13358 | Hig | 0.59 | 8.8 | 0.25 | Nov 27, 2018 | System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter. | ||
| CVE-2018-13418 | Hig | 0.58 | 8.8 | 0.05 | Nov 27, 2018 | System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter. | ||
| CVE-2018-13353 | Hig | 0.58 | 8.8 | 0.06 | Nov 27, 2018 | System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter. | ||
| CVE-2021-45836 | Hig | 0.57 | 8.8 | 0.02 | Apr 25, 2022 | An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app. | ||
| CVE-2018-13356 | Hig | 0.57 | 8.8 | 0.02 | Nov 27, 2018 | Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions. | ||
| CVE-2021-45841 | Hig | 0.56 | 8.1 | 0.08 | Apr 25, 2022 | In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. Guest users (disabled by default) can be abused using a null/empty hash and allow an unauthenticated attacker… | ||
| CVE-2020-29189 | Hig | 0.53 | 8.1 | 0.01 | Dec 24, 2020 | Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS | ||
| CVE-2021-45842 | Hig | 0.49 | 7.5 | 0.02 | Apr 25, 2022 | It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system as well as other information such as MAC address, internal IP address etc. by performing a request to the /module/api.php?mobile/wapNasIPS… | ||
| CVE-2018-13352 | Hig | 0.49 | 7.5 | 0.02 | Nov 27, 2018 | Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory. |
- risk 0.74cvss 9.8epss 0.97
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.
- risk 0.73cvss 9.8epss 0.78
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
- risk 0.68cvss 9.8epss 0.16
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del.
- risk 0.66cvss 9.8epss 0.28
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the…
- risk 0.66cvss 9.8epss 0.23
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.
- risk 0.65cvss 9.8epss 0.16
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php,…
- risk 0.65cvss 9.8epss 0.17
SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter.
- risk 0.65cvss 9.8epss 0.10
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.
- risk 0.64cvss 9.8epss 0.04
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop.
- risk 0.64cvss 9.8epss 0.09
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.
- risk 0.59cvss 8.8epss 0.20
Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter.
- risk 0.59cvss 8.8epss 0.25
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter.
- risk 0.58cvss 8.8epss 0.05
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter.
- risk 0.58cvss 8.8epss 0.06
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter.
- risk 0.57cvss 8.8epss 0.02
An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app.
- risk 0.57cvss 8.8epss 0.02
Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions.
- risk 0.56cvss 8.1epss 0.08
In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. Guest users (disabled by default) can be abused using a null/empty hash and allow an unauthenticated attacker…
- risk 0.53cvss 8.1epss 0.01
Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS
- risk 0.49cvss 7.5epss 0.02
It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system as well as other information such as MAC address, internal IP address etc. by performing a request to the /module/api.php?mobile/wapNasIPS…
- risk 0.49cvss 7.5epss 0.02
Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory.
Page 1 of 2