Описание
TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the "It is only available on the local network" documentation. NOTE: manually editing /etc/upnp.json provides a partial but undocumented workaround.
Ссылки
- ExploitThird Party Advisory
- Issue TrackingThird Party Advisory
- ExploitThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2021-04-03 (включая)
Одновременно
cpe:2.3:o:terra-master:f2-210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-210:-:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00236
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the "It is only available on the local network" documentation. NOTE: manually editing /etc/upnp.json provides a partial but undocumented workaround.
EPSS
Процентиль: 46%
0.00236
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-Other