Vulnerability Details CVE-2022-24989
TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.776
EPSS Ranking 98.9%
CVSS Severity
CVSS v3 Score 9.8
References
- https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990
- https://forum.terra-master.com/en/viewforum.php?f=28
- https://github.com/0xf4n9x/CVE-2022-24990
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation
- https://packetstormsecurity.com/files/172904
- https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990
- https://forum.terra-master.com/en/viewforum.php?f=28
- https://github.com/0xf4n9x/CVE-2022-24990
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation
- https://packetstormsecurity.com/files/172904
Products affected by CVE-2022-24989
-
cpe:2.3:h:terra-master:f2-210:-
-
cpe:2.3:h:terra-master:f2-221:-
-
cpe:2.3:h:terra-master:f2-223:-
-
cpe:2.3:h:terra-master:f2-422:-
-
cpe:2.3:h:terra-master:f2-423:-
-
cpe:2.3:h:terra-master:f4-421:-
-
cpe:2.3:h:terra-master:f4-422:-
-
cpe:2.3:h:terra-master:f4-423:-
-
cpe:2.3:h:terra-master:f5-221:-
-
cpe:2.3:h:terra-master:f5-422:-
-
cpe:2.3:h:terra-master:t12-423:-
-
cpe:2.3:h:terra-master:t12-450:-
-
cpe:2.3:h:terra-master:t6-423:-
-
cpe:2.3:h:terra-master:t9-423:-
-
cpe:2.3:h:terra-master:t9-450:-
-
cpe:2.3:h:terra-master:u12-322-9100:-
-
cpe:2.3:h:terra-master:u12-423:-
-
cpe:2.3:h:terra-master:u12-722-2224:-
-
cpe:2.3:h:terra-master:u16-322-9100:-
-
cpe:2.3:h:terra-master:u16-722-2224:-
-
cpe:2.3:h:terra-master:u24-722-2224:-
-
cpe:2.3:h:terra-master:u4-111:-
-
cpe:2.3:h:terra-master:u4-211:-
-
cpe:2.3:h:terra-master:u4-423:-
-
cpe:2.3:h:terra-master:u8-111:-
-
cpe:2.3:h:terra-master:u8-322-9100:-
-
cpe:2.3:h:terra-master:u8-423:-
-
cpe:2.3:h:terra-master:u8-522-9400:-
-
cpe:2.3:h:terra-master:u8-722-2224:-
-
cpe:2.3:o:terra-master:terramaster_operating_system:-
-
cpe:2.3:o:terra-master:terramaster_operating_system:3.0.33
-
cpe:2.3:o:terra-master:terramaster_operating_system:3.1.03
-
cpe:2.3:o:terra-master:terramaster_operating_system:4.2.06
-
cpe:2.3:o:terra-master:terramaster_operating_system:4.2.29