2 matches found
Terramaster Remote Command Execution (CVE-2018-13338; CVE-2018-13330; CVE-2018-13336)
A remote command execution vulnerability exists in Terramaster. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2018-13336
CVE-2018-13336 : TerraMaster TOS 3.1.03 contains a system command injection in the Ajax request path ajaxdata.php used during user creation. The vulnerability is exploitable via the pwd parameter, enabling an attacker to execute arbitrary system commands. According to NVD metrics, the issue has a...