CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

CNNVD•added 2024/06/14 12:0 a.m.•2 views

TerraMaster TOS Security Vulnerability

TerraMaster TOS is a Linux-based operating system from China's TerraMaster Corporation TerraMaster that is dedicated to the TerraMaster Cloud Storage NAS server. A security vulnerability exists in TerraMaster TOS version 5.1 and prior versions, which stems from the use of hard-coded credentials. ...

9.4CVSS6.9AI score0.00517EPSS

Exploits0References2

CNNVD•added 2023/06/13 12:0 a.m.•4 views

TerraMaster TOS 安全漏洞

TerraMaster TOS is a Linux-based operating system from China's TerraMaster, dedicated to the TerraMaster Cloud Storage NAS server. A security vulnerability exists in TerraMaster TOS 4.2.15 and earlier versions, which can be exploited by an attacker to execute a session for privilege escalation...

8.6AI score

Exploits3References1

SUSE CVE•added 2023/02/15 4:44 a.m.•3 views

SUSE CVE-2017-9328

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...

10CVSS8.6AI score0.07375EPSS

Exploits1References3

CNNVD•added 2022/03/16 12:0 a.m.•1 views

TerraMaster TOS 访问控制错误漏洞

TerraMaster is a world-renowned professional storage brand. TerraMaster TOS identity bypass vulnerability can be exploited by attackers to gain server privileges...

9.8CVSS5.6AI score0.8405EPSS

Exploits9References7

BDU FSTEC•added 2021/04/06 12:0 a.m.•1 views

The vulnerability of the “Event” parameter in the TerraMaster TOS operating system allows a hacker to execute arbitrary code.

The vulnerability of the “Event” parameter in the TerraMaster TOS operating system is related to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.96598EPSS

Exploits3References5Affected Software1

OSV•added 2021/01/30 5:15 a.m.•3 views

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

9.8CVSS7.3AI score0.29196EPSS

Exploits1References2

VulnCheck KEV•added 2021/01/14 12:0 a.m.•2 views

VulnCheck KEV: CVE-2020-35665

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...

10CVSS7.3AI score0.78141EPSS

Exploits3References1

OSV•added 2020/12/24 3:15 p.m.•3 views

CVE-2020-28184

Cross-site scripting XSS vulnerability in TerraMaster TOS = 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php...

5.4CVSS6.2AI score0.00664EPSS

Exploits1References2

CNNVD•added 2020/12/24 12:0 a.m.•3 views

Terramaster TOS Permission License and Access Control Issues Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. A security vulnerability exists in TerraMaster TOS version 4.2.06 and earlier versions, which can be exploited by a remote,...

5.3CVSS6.1AI score0.18066EPSS

Exploits1References3

CNNVD•added 2020/12/24 12:0 a.m.•5 views

Terramaster TOS Authorization Issues Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. An authorization issue vulnerability exists in TerraMaster TOS version 4.2.06 and prior versions, which originates from email...

7.3CVSS7.1AI score0.04129EPSS

Exploits1References3

Positive Technologies•added 2020/12/24 12:0 a.m.•2 views

PT-2020-5870 · Terramaster · Terramaster Tos

Name of the Vulnerable Software and Affected Versions: TerraMaster TOS versions = 4.2.06 Description: The issue is related to the "Event" parameter in the /include/makecvs.php file of the TerraMaster TOS operating system, which fails to neutralize special elements used in operating system command...

10CVSS9.7AI score0.96598EPSS

Exploits3References11

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS Session Fixation Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A session fixation vulnerability exists in the web application in TerraMaster TOS...

5.8CVSS5.9AI score0.01188EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Directory Traversal Vulnerability

TerraMaster TOS is a set of Linux-based storage server operating system developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization, etc. The explorer application is one of the file browsing applications. A directory traversal...

7.5CVSS8AI score0.02348EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•3 views

TerraMaster TOS System Command Injection Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php file in...

9CVSS9.2AI score0.05185EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS User Enumeration Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A security vulnerability exists in the usertable.php endpoint in TerraMaster TOS...

5.3CVSS5.9AI score0.16931EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26659)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in the usertable.php file in TerraMaster...

8.8CVSS8.4AI score0.1988EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•1 views

TerraMaster TOS Improper Access Control Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. An access control error vulnerability exists in the ajaxdata.php file in TerraMaster...

9CVSS8.8AI score0.02007EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•3 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26665)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...

6.5CVSS6.7AI score0.01065EPSS

Exploits1References1

OSV•added 2018/11/27 9:29 p.m.•1 views

CVE-2018-13359

Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2018/11/27 9:29 p.m.•2 views

CVE-2018-13358

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter...

8.8CVSS5.9AI score0.24946EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by