2 matches found
CVE-2018-13354
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter...
CVE-2018-13354
TerraMaster TOS 3.1.03 is affected by a system command injection in logtable.php exposed via the Event parameter, enabling an attacker to execute arbitrary commands. Multiple sources (NVD, CNVD, OpenVAS, PRION, CVELIST) corroborate that the flaw is reachable remotely (network) with high/critical ...