2 matches found
CVE-2020-28186
Email Injection in TerraMaster TOS = 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover...
CVE-2020-28186
TerraMaster TOS is affected up to version 4.2.06 by an Email Injection vulnerability that allows remote unauthenticated attackers to abuse the forget-password function and potentially take over accounts. The issue is described in CVE-2020-28186 (NVD) with CVSS: CVSSv3.1 base score 7.3 (High) and ...