Showing 1 - 1 of 1

CVE-2020-35665

Status Candidate

Overview

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.

Related Files

TerraMaster TOS 4.2.06 Remote Code Execution: Posted Jun 12, 2023; Authored by IHTeam, h00die-gr3y | Site metasploit.com; This Metasploit module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS versions 4.2.06 and below via shell metacharacters in the Event parameter at vulnerable endpoint include/makecvs.php during CSV creation. Any unauthenticated user can therefore execute commands on the system under the same privileges as the web application, which typically runs under root at the TerraMaster Operating System.; tags | exploit, remote, web, shell, root, php, code execution; advisories | CVE-2020-28188, CVE-2020-35665; SHA-256 | 8935d1e9f61d6f9eb3550ec44e1a8a5d97992b91e55a7456ae2af009097db539; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 419 files
Ubuntu 107 files
Debian 30 files
Rahad Chowdhury 21 files
BugsBD Limited 21 files
Gentoo 18 files
tmrswrr 12 files
Google Security Research 7 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,914)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,896)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,654)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,152)
UNIX (9,340)
UnixWare (187)
Windows (6,609)
Other

CVE-2020-35665

Overview

Related Files

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems