PT-2019-15266 · Terramaster · Terramaster Fs-210

Published

2019-10-28

Updated

2020-08-24

CVE-2019-18195

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TerraMaster FS-210 version 4.0.19

Description An issue was discovered that allows normal users to elevate their privileges. This is achieved by utilizing the "1.user.php" endpoint for privilege elevation.

Recommendations For TerraMaster FS-210 version 4.0.19, consider restricting access to the "1.user.php" endpoint until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-18195

Affected Products

Terramaster Fs-210

PT-2019-15266 · Terramaster · Terramaster Fs-210

CVE-2019-18195

Related Identifiers

Affected Products

References · 3