Vulnerability feed

Vulnerability

CVE-2020-28188

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-28188
Description:: Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.
Last updated date:: 06/12/2023

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/30/2021
Reference url to background: https://blogs.juniper.net/en-us/threat-research/necro-python-botnet-goes-after-vulnerable-visualtools-dvr

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/02/2021
Reference url to background: https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/02/2021
Reference url to background: https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/08/2023
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/terramaster_unauth_rce_cve_2020_35665.rb

Vulnerability Feed Contributors About Blog

@inTheWild

©2023 |