CVE-2020-15568 – TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection …

30 January 2021

Vuln ID: CVE-2020-15568

Published: 2021-01-30 05:15:12Z

Description: TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.

Source: NVD.NIST.GOV

Date:

30 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024