CVE-2020-28185

2020-12-2414:26:55

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

JSON

User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php.

References

www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/

www.terra-master.com/