CVE-2019-18383

An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can download backup files remotely from terramasterTNAS-00E43Aconfigbackup.bin without permission...

CVE-2019-18385

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring...

EUVD-2019-8168

Malware in sbrugna...

EUVD-2019-8169

Malware in sbrugna...

EUVD-2019-7998

Malware in sbrugna...

EUVD-2019-8170

Malware in sbrugna...

CVE-2019-18195

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal users can use 1.user.php for privilege elevation...

CVE-2019-18384

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=public%25252FadminOnlyRead.txt substring...

TerraMaster FS-210安全漏洞

The Terramaster TerraMaster FS-210 is a NAS Network Attached Storage device from Tumi Electronic Technology Terramaster in Shenzhen, China. A security vulnerability exists in Terramaster F4-210, F2-210 TOS 4.2.X 4.2.15-2107141517, which can be exploited by sending a special command to...

Terramaster TerraMaster FS-210 安全漏洞

The Terramaster TerraMaster FS-210 is a NAS Network Attached Storage device from Tumi Electronic Technology Terramaster of Shenzhen, China. A security vulnerability exists in the TerraMaster F2-210 devices that originates from allowing access to the device over the Internet on TCP port 8181...

TerraMaster FS-210 Elevation of Privilege Vulnerability

TerraMaster FS-210 is a NAS Network Attached Storage device from TerraMaster, a Shenzhen, China based company. An elevation of privilege vulnerability exists in TerraMaster FS-210 version 4.0.19, which can be exploited to elevate privileges with the help of the 1.user.php file...

CVE-2019-18195

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal users can use 1.user.php for privilege elevation...

CVE-2019-18195

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal users can use 1.user.php for privilege elevation...

Privilege escalation

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal users can use 1.user.php for privilege elevation...

CVE-2019-18195

TerraMaster FS-210 (firmware 4.0.19) contains an elevation-of-privilege flaw where normal users can leverage 1.user.php to gain higher privileges. Documented impact is network-accessible via the vulnerability with high severity (CVSS 3.1 base score 8.8, HIGH). Root cause details are not elaborate...

CVE-2019-18195

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal users can use 1.user.php for privilege elevation...

CVE-2019-18384

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=public%25252FadminOnlyRead.txt substring...

CVE-2019-18385

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring...

CVE-2019-18385

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring...

CVE-2019-18383

An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can download backup files remotely from terramasterTNAS-00E43Aconfigbackup.bin without permission...