7 matches found
TerraMaster TOS 4.2.15 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'time' class MetasploitModule 'TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.', 'Description...
TerraMaster TOS 4.2.15 Remote Code Execution Exploit
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. This module requires Metasploit: https://metasploit.com/download...
TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.
Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. CVE-2021-45839 is exploited to obtain the first administrator's hash set up on the system as we...
CVE-2021-45837
creationtimestamp| type| source ---|---|--- 2023-06-09 17:46:16+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/terramasterunauthrcecve202145837.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
CVE-2021-45837
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X 4.2.15-2107141517 by sending a specifically crafted input to /tos/index.php?app/del...
CVE-2021-45837
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X 4.2.15-2107141517 by sending a specifically crafted input to /tos/index.php?app/del...
CVE-2021-45837
TerraMaster F4-210/F2-210 devices running TOS 4.2.x (4.2.15-2107141517) are affected by CVE-2021-45837, which allows executing arbitrary commands as root via a specially crafted input to /tos/index.php?app/del. The vulnerability is part of an RCE chain described across multiple sources (including...