Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. Guest users (disabled by default) can be abused using a null/empty hash and allow an unauthenticated attacker to login as guest.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TerraMaster FS-210信任管理问题漏洞
Vulnerability Description
Terramaster TerraMaster FS-210是中国深圳市图美电子技术(Terramaster)公司的一款NAS(网络附属存储)设备。 Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517)版本存在安全漏洞,攻击者以通过知道目标的 MAC 地址和用户的密码哈希来对会话 cookie 进行自签名。未经身份验证的攻击者利用该漏洞可以以来宾身份登录。
CVSS Information
N/A
Vulnerability Type
N/A