An issue exists on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.
terra-master fs-210_firmware 4.0.19