CVE-2022-24989

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-24989
TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 Third Party Advisory
https://forum.terra-master.com/en/viewforum.php?f=28 Release Notes
https://github.com/0xf4n9x/CVE-2022-24990 Exploit
https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation Exploit
https://packetstormsecurity.com/files/172904 Exploit Third Party Advisory VDB Entry
https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 Third Party Advisory
https://forum.terra-master.com/en/viewforum.php?f=28 Release Notes
https://github.com/0xf4n9x/CVE-2022-24990 Exploit
https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation Exploit
https://packetstormsecurity.com/files/172904 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:*
OR cpe:2.3:h:terra-master:f2-210:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-221:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-223:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-421:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f5-221:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f5-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t12-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t12-450:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t6-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t9-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t9-450:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u16-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u16-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u24-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-111:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-211:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-111:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-522-9400:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-722-2224:-:*:*:*:*:*:*:*
History

21 Nov 2024, 06:51

Type Values Removed Values Added
References () https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 - Third Party Advisory () https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 - Third Party Advisory
References () https://forum.terra-master.com/en/viewforum.php?f=28 - Release Notes () https://forum.terra-master.com/en/viewforum.php?f=28 - Release Notes
References () https://github.com/0xf4n9x/CVE-2022-24990 - Exploit () https://github.com/0xf4n9x/CVE-2022-24990 - Exploit
References () https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation - Exploit () https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation - Exploit
References () https://packetstormsecurity.com/files/172904 - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/172904 - Exploit, Third Party Advisory, VDB Entry

24 Aug 2023, 20:52

Type Values Removed Values Added
CPE cpe:2.3:h:terra-master:t12-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-421:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u16-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u16-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-211:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t9-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t12-450:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f4-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-223:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-210:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t9-450:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f5-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u4-111:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:t6-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-111:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-322-9100:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u24-722-2224:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-422:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f2-221:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:f5-221:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u12-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-423:-:*:*:*:*:*:*:*
cpe:2.3:h:terra-master:u8-522-9400:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
References (MISC) https://github.com/0xf4n9x/CVE-2022-24990 - (MISC) https://github.com/0xf4n9x/CVE-2022-24990 - Exploit
References (MISC) https://forum.terra-master.com/en/viewforum.php?f=28 - (MISC) https://forum.terra-master.com/en/viewforum.php?f=28 - Release Notes
References (MISC) https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation - (MISC) https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation - Exploit
References (MISC) https://packetstormsecurity.com/files/172904 - (MISC) https://packetstormsecurity.com/files/172904 - Exploit, Third Party Advisory, VDB Entry
References (MISC) https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 - (MISC) https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 - Third Party Advisory
First Time Terra-master t9-423
Terra-master u8-423
Terra-master u12-423
Terra-master f2-210
Terra-master u24-722-2224
Terra-master u12-722-2224
Terra-master f2-422
Terra-master u16-722-2224
Terra-master f2-423
Terra-master
Terra-master u8-722-2224
Terra-master u12-322-9100
Terra-master u4-211
Terra-master t6-423
Terra-master u8-322-9100
Terra-master t9-450
Terra-master f2-221
Terra-master u16-322-9100
Terra-master t12-450
Terra-master t12-423
Terra-master f4-421
Terra-master u4-111
Terra-master f4-423
Terra-master u8-522-9400
Terra-master u4-423
Terra-master f5-221
Terra-master f2-223
Terra-master f4-422
Terra-master f5-422
Terra-master u8-111
Terra-master terramaster Operating System
CWE CWE-74

21 Aug 2023, 12:47

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-20 18:15

Updated : 2024-11-21 06:51

NVD link : CVE-2022-24989

Mitre link : CVE-2022-24989

CVE.ORG link : CVE-2022-24989

JSON object : View

Products Affected

terra-master

  • u8-722-2224
  • f4-421
  • f2-423
  • u8-111
  • t12-450
  • f2-422
  • u24-722-2224
  • u12-322-9100
  • u4-111
  • f2-210
  • t9-423
  • u8-522-9400
  • f4-422
  • terramaster_operating_system
  • t9-450
  • f5-422
  • t6-423
  • f4-423
  • f2-223
  • u8-322-9100
  • u12-423
  • t12-423
  • u12-722-2224
  • f5-221
  • f2-221
  • u8-423
  • u4-211
  • u4-423
  • u16-322-9100
  • u16-722-2224
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024