Insecure Access Controls in ajaxdata.php of TerraMaster TOS v3.1.03 Enable Unauthorized User Group Creation

Insecure Access Controls in ajaxdata.php of TerraMaster TOS v3.1.03 Enable Unauthorized User Group Creation

CVE-2018-13355 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow attackers to create user groups without proper authorization.

Learn more about our User Device Pen Test.