Title:Terramaster TOS 路径遍历漏洞 (CVE-2020-28187) Description:Terramaster TOS是中国深圳市图美电子技术(Terramaster)公司的一款基于Linux平台的,专用于erraMaster云存储NAS服务器的操作系统。 TerraMaster TOS 4.2.06版本及之前版本存在路径遍历漏洞,该漏洞允许远程身份验证攻击者可利用该漏洞通过(1)filename参数来读取、编辑或删除文件系统中的任何文件。
File Snapshot
# TerraMaster TOS 后台任意文件读取漏洞 CVE-2020-28187
## 漏洞描述
TerraMaster TOS <= 4.2.06中的多个目录遍历漏洞允许远程身份验证的攻击
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.