Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
terra-master terramaster operating system vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-35665
An unauthenticated command-execution vulnerability exists in TerraMaster TOS up to and including 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
Terra-master Terramaster Operating System
1 Metasploit module
10
CVSSv2
CVE-2017-9328
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS prior to 3.0.34 leads to remote code execution as root.
Terra-master Terramaster Operating System
9
CVSSv2
CVE-2018-13330
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows malicious users to execute system commands during group creation via the "groupname" parameter.
Terra-master Terramaster Operating System 3.1.03
4.3
CVSSv2
CVE-2018-13333
Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript in the permissions window by placing JavaScript in users' usernames.
Terra-master Terramaster Operating System 3.1.03
3.5
CVSSv2
CVE-2018-13335
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript when viewing shared folders via their descriptions.
Terra-master Terramaster Operating System 3.1.03
5.8
CVSSv2
CVE-2018-13337
Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows malicious users to control users' session cookies via JavaScript.
Terra-master Terramaster Operating System 3.1.03
4.3
CVSSv2
CVE-2018-13329
Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript via the "lines" URL parameter.
Terra-master Terramaster Operating System 3.1.03
4.3
CVSSv2
CVE-2018-13331
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript when viewing users by placing JavaScript in their usernames.
Terra-master Terramaster Operating System 3.1.03
5
CVSSv2
CVE-2018-13332
Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows malicious users to upload files to arbitrary locations via the "path" URL parameter.
Terra-master Terramaster Operating System 3.1.03
4.3
CVSSv2
CVE-2018-13334
Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript via the "options[sysname]" parameter.
Terra-master Terramaster Operating System 3.1.03
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »