About 100,000,000 results found for "webNasIPS"
The vulnerability exists due to improper input validation in the webNasIPS component in the api.php script. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary commands on the target system. Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
The remote code execution vulnerability exists due to improper input validation in the webNasIPS component in the api.php script. An unauthenticated, remote attacker can pass specially crafted data to the application and execute arbitrary commands on the target system.
The module webNasIPS is vulnerable due to the way it processes requests when the User-Agent is TNAS. When the 'webNasIPS' function of the 'mobile' class is initiated by api.php, it ignores the authentication check and returns sensitive information. The response contains information regarding password hash, TOS firmware, default gateway ...
Introduction. This report explains how researchers at Octagon Networks were able to chain two interesting vulnerabilities to achieve unauthenticated remote command execution as root on TerraMaster NAS devices running TOS version 4.2.29.
It is, therefore, affected by a vulnerability that allows remote attackers to discover the administrative password by sending 'User-Agent: TNAS' to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
This Metasploit module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS versions 4.2.29 and below by chaining two existing vulnerabilities, CVE-2022-24990 "Leaking sensitive information" and CVE-2022-24989 "Authenticated remote code execution". Exploiting vulnerable endpoint api.php?mobile/webNasIPS leaking sensit ...
It is possible to obtain the first administrator's hash set up on the system in TerraMaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), as well as other information such as MAC address, internal IP address, etc., by performing a request to the /module/api.php?mobile/webNasIPS endpoint.