CVE-2018-13336



System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *