What is CVE-2020-28187?

CVE-2020-28187 is a vulnerability in N/a. Published 2020-12-24.

Is CVE-2020-28187 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-28187

Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event pa…

EPSS: 0.642 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/nuclei-templates
ARPSyndicate/cvemon
ArrestX/--POC
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
SexyBeast233/SecBooks
Threekiii/Awesome-POC
XiaomingX/awesome-poc-for-red-team
cyb3r-w0lf/nuclei-template-collection

References

www.terra-master.com/ (x_refsource_MISC)
www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-28187?: CVE-2020-28187 is a vulnerability in N/a. Published 2020-12-24.
Is CVE-2020-28187 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.