https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-28188.yaml

标题： Terramaster TOS 操作系统命令注入漏洞 (CVE-2020-28188)
描述：TerraMaster TOS是中国铁威马（TerraMaster）公司的一款基于Linux平台的，专用于erraMaster云存储NAS服务器的操作系统。 TerraMaster TOS 4.2.06版本及之前版本存在操作系统命令注入漏洞，该漏洞源于通过在makecvs.php的Event参数中发现包含操作系统命令注入漏洞。

TerraMaster TOS <= 4.2.06 is susceptible to a remote code execution vulnerability which could allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php via the Event parameter.

 id: CVE-2020-28188

info:
  name: TerraMaster TOS - Unauthenticated Remote Command Execution
  autho

...