User Enumeration in TerraMaster TOS 3.1.03 via modgroup Parameter in usertable.php

User Enumeration in TerraMaster TOS 3.1.03 via modgroup Parameter in usertable.php

CVE-2018-13361 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

User enumeration in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to list all system users via the "modgroup" parameter.

Learn more about our Web Application Penetration Testing UK.