What is CVE-2020-15568?

CVE-2020-15568 is a vulnerability in N/a. Published 2021-01-30.

Is CVE-2020-15568 known to be exploited?

11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec metho…

EPSS: 0.935 (99.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

divinepwner/TerraMaster-TOS-CVE-2020-15568
n0bugz/CVE-2020-15568
20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
HimmelAward/Goby_
NyxAzrael/Goby_
Z0fhack/Goby_
sobinge/nuclei-templates

References

help.terra-master.com/TOS/view/ (x_refsource_MISC)
ssd-disclosure.com/ssd-advisory-terramaster-os-exportuser-php-remote-code-execu… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-15568?: CVE-2020-15568 is a vulnerability in N/a. Published 2021-01-30.
Is CVE-2020-15568 known to be exploited?: 11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.