CVE-2020-28186

Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover.
References
Configurations

Configuration 1

cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:*

Information

Published : 2020-12-24 03:15

Updated : 2020-12-28 05:21


NVD link : CVE-2020-28186

Mitre link : CVE-2020-28186

Products Affected
No products.
CWE
CWE-640

Weak Password Recovery Mechanism for Forgotten Password