CVE-2022-24990

TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
Configurations

Configuration 1


Information

Published : 2023-02-07 06:15

Updated : 2023-02-16 02:24


NVD link : CVE-2022-24990

Mitre link : CVE-2022-24990

Products Affected