CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

CNNVD•added 2024/06/14 12:0 a.m.•1 views

TerraMaster TOS Security Vulnerability

TerraMaster TOS is a Linux-based operating system from China's TerraMaster Corporation TerraMaster that is dedicated to the TerraMaster Cloud Storage NAS server. A security vulnerability exists in TerraMaster TOS version 5.1 and prior versions, which stems from the use of hard-coded credentials. ...

9.4CVSS6.9AI score0.00523EPSS

Exploits0References2

CNNVD•added 2023/06/13 12:0 a.m.•2 views

TerraMaster TOS 安全漏洞

TerraMaster TOS is a Linux-based operating system from China's TerraMaster, dedicated to the TerraMaster Cloud Storage NAS server. A security vulnerability exists in TerraMaster TOS 4.2.15 and earlier versions, which can be exploited by an attacker to execute a session for privilege escalation...

8.6AI score

Exploits3References1

SUSE CVE•added 2023/02/15 4:44 a.m.•2 views

SUSE CVE-2017-9328

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...

10CVSS8.6AI score0.07711EPSS

Exploits1References3

CNNVD•added 2022/03/16 12:0 a.m.•1 views

TerraMaster TOS 访问控制错误漏洞

TerraMaster is a world-renowned professional storage brand. TerraMaster TOS identity bypass vulnerability can be exploited by attackers to gain server privileges...

9.8CVSS5.6AI score0.94404EPSS

Exploits9References7

OSV•added 2021/01/30 5:15 a.m.•2 views

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

9.8CVSS7.3AI score

Exploits0References2

VulnCheck KEV•added 2021/01/14 12:0 a.m.•0 views

VulnCheck KEV: CVE-2020-35665

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...

10CVSS7.3AI score0.88604EPSS

Exploits3References1

OSV•added 2020/12/24 3:15 p.m.•2 views

CVE-2020-28184

Cross-site scripting XSS vulnerability in TerraMaster TOS = 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php...

5.4CVSS6.2AI score

Exploits0References2

CNNVD•added 2020/12/24 12:0 a.m.•4 views

Terramaster TOS Authorization Issues Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. An authorization issue vulnerability exists in TerraMaster TOS version 4.2.06 and prior versions, which originates from email...

7.3CVSS7.1AI score0.30022EPSS

Exploits1References3

Positive Technologies•added 2020/12/24 12:0 a.m.•1 views

PT-2020-5870 · Terramaster · Terramaster Tos

Name of the Vulnerable Software and Affected Versions: TerraMaster TOS versions = 4.2.06 Description: The issue is related to the "Event" parameter in the /include/makecvs.php file of the TerraMaster TOS operating system, which fails to neutralize special elements used in operating system command...

10CVSS9.7AI score0.9344EPSS

Exploits3References11

CNNVD•added 2020/12/24 12:0 a.m.•1 views

Terramaster TOS Permission License and Access Control Issues Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. A security vulnerability exists in TerraMaster TOS version 4.2.06 and earlier versions, which can be exploited by a remote,...

5.3CVSS6.1AI score0.88599EPSS

Exploits1References3

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS User Enumeration Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A security vulnerability exists in the usertable.php endpoint in TerraMaster TOS...

5.3CVSS5.9AI score0.00319EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS System Command Injection Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php file in...

9CVSS9.2AI score0.1198EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26659)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in the usertable.php file in TerraMaster...

8.8CVSS8.4AI score0.00609EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26665)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...

6.5CVSS6.7AI score0.00146EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Session Fixation Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A session fixation vulnerability exists in the web application in TerraMaster TOS...

5.8CVSS5.9AI score0.00199EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Directory Traversal Vulnerability

TerraMaster TOS is a set of Linux-based storage server operating system developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization, etc. The explorer application is one of the file browsing applications. A directory traversal...

7.5CVSS8AI score0.00456EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Improper Access Control Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. An access control error vulnerability exists in the ajaxdata.php file in TerraMaster...

9CVSS8.8AI score0.00484EPSS

Exploits1References1

OSV•added 2018/11/27 9:29 p.m.•1 views

CVE-2018-13359

Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2018/11/27 9:29 p.m.•0 views

CVE-2018-13350

SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter...

9.8CVSS5.9AI score

Exploits0References1

OSV•added 2018/11/27 9:29 p.m.•1 views

CVE-2018-13331

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by