What is CVE-2020-28185?

CVE-2020-28185 is a vulnerability in N/a. Published 2020-12-24.

Is CVE-2020-28185 known to be exploited?

14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-28185

User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php.

EPSS: 0.886 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/nuclei-templates
ARPSyndicate/cvemon
ArrestX/--POC
HimmelAward/Goby_
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
NyxAzrael/Goby_
SexyBeast233/SecBooks
Threekiii/Awesome-POC

References

www.terra-master.com/ (x_refsource_MISC)
www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-28185?: CVE-2020-28185 is a vulnerability in N/a. Published 2020-12-24.
Is CVE-2020-28185 known to be exploited?: 14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.