TerraMaster TOS < 4.2.30 Server Information Disclosure CVE-2022-24990
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=33732https://forum.terra-master.com/en/viewforum.php?f=28http://packetstormsecurity.com/files/172904/TerraMaster-TOS-4.2.29-Remote-Code-Execution.htmlhttps://github.com/ArrestX/--POC
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
Yes- Exploitable with Sniper
- No
- CVE Published
- Feb 7, 2023
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect & validate this vulnerability
Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.