Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.447 views

TerraMaster TOS 4.2.15 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'time' class MetasploitModule 'TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.', 'Description...

10CVSS7.1AI score0.15914EPSS
Exploits6
0day.today
0day.today
added 2023/06/12 12:0 a.m.368 views

TerraMaster TOS 4.2.15 Remote Code Execution Exploit

This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. This module requires Metasploit: https://metasploit.com/download...

9.8CVSS7.5AI score0.15914EPSS
Exploits6
Metasploit
Metasploit
added 2023/06/09 7:50 p.m.336 views

TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.

Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. CVE-2021-45839 is exploited to obtain the first administrator's hash set up on the system as we...

10CVSS8.6AI score0.15914EPSS
Exploits6
Circl
Circl
added 2023/06/09 5:46 p.m.9 views

CVE-2021-45837

creationtimestamp| type| source ---|---|--- 2023-06-09 17:46:16+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/terramasterunauthrcecve202145837.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...

10CVSS9.3AI score0.15914EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2022/04/25 11:15 a.m.315 views

CVE-2021-45837

It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X 4.2.15-2107141517 by sending a specifically crafted input to /tos/index.php?app/del...

10CVSS7.6AI score0.15914EPSS
In wildExploits4References4
OSV
OSV
added 2022/04/25 11:15 a.m.3 views

CVE-2021-45837

It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X 4.2.15-2107141517 by sending a specifically crafted input to /tos/index.php?app/del...

9.8CVSS7.5AI score0.15914EPSS
Exploits4References2
CVE
CVE
added 2022/04/25 12:0 a.m.210 views

CVE-2021-45837

TerraMaster F4-210/F2-210 devices running TOS 4.2.x (4.2.15-2107141517) are affected by CVE-2021-45837, which allows executing arbitrary commands as root via a specially crafted input to /tos/index.php?app/del. The vulnerability is part of an RCE chain described across multiple sources (including...

10CVSS9.6AI score0.15914EPSS
In wildExploits4References2Affected Software1
Rows per page
Query Builder