CVE-2022-24990

Scores

EPSS Score

0.9440

CVSS

3.x 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

All CVSS Scores

CVSS 4.0

0.0

CVSS 3.x

7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.0

0.0

Description

TerraMaster NAS 4.2.29 и более ранние версии позволяют удаленным злоумышленникам обнаруживать пароль администратора, отправив "User-Agent: TNAS" в module/api.php?mobile/webNasIPS, а затем прочитав поле PWD в ответе.

Sources

nvd

CWEs

CWE-306

Related Vulnerabilities

BDU:2022-01214

Exploits

Exploit ID: CVE-2022-24990

Source: github-poc

URL: https://github.com/jsongmax/terraMaster-CVE-2022-24990

Reference Links

http://packetstormsecurity.com/files/172904/TerraMaster-TOS-4.2.29-Remote-Code-Execution.html

https://forum.terra-master.com/en/viewforum.php?f=28

https://github.com/0xf4n9x/CVE-2022-24990

https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/

https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=33732

Vulnerable Software

Type: Configuration

Vendor: terra-master

Product: terramaster_operating_system

Operating System: * * *

Trait:

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "4.2.31",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f2-210:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f2-221:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f2-223:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f2-422:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f2-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f4-421:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f4-422:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f4-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f5-221:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:f5-422:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:t12-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:t12-450:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:t6-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:t9-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:t9-450:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u12-322-9100:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u12-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u12-722-2224:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u16-322-9100:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u16-722-2224:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u24-722-2224:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u4-111:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u4-211:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u4-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u8-111:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u8-322-9100:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u8-423:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u8-522-9400:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:terra-master:u8-722-2224:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd