Vulnerabilities > CVE-2021-45837 - Unspecified vulnerability in Terra-Master TOS 4.2.152107141517
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 2 |
References
- http://packetstormsecurity.com/files/172881/TerraMaster-TOS-4.2.15-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/172881/TerraMaster-TOS-4.2.15-Remote-Code-Execution.html
- https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/
- https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/