CVE-2018-13332

HIGH

TerraMaster TOS 3.1.03 - Path Traversal via Explorer Path URL Parameter

Title source: llm
STIX 2.1

Description

Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows attackers to upload files to arbitrary locations via the "path" URL parameter.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0235
EPSS Percentile 81.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (1)
terra-master/terramaster_operating_system 3.1.03
Published Nov 27, 2018
Tracked Since Feb 18, 2026