Terra-Master: >> Terramaster Operating System >> 3.0.33 Security Vulnerabilities
TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used.
CVSS Score
9.8
EPSS Score
0.776
Published
2023-08-20
CVE-2022-24990
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
Known exploited
CVSS Score
7.5
EPSS Score
0.944
Published
2023-02-07
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
CVSS Score
9.8
EPSS Score
0.894
Published
2020-12-23
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.
CVSS Score
9.8
EPSS Score
0.062
Published
2017-09-15