Terra-Master: >> Fs-210 Firmware Security Vulnerabilities
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring.
CVSS Score
6.5
EPSS Score
0.007
Published
2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can download backup files remotely from terramaster_TNAS-00E43A_config_backup.bin without permission.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-10-23