Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) - Administrator Hash Disclosure Vulnerability

Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) - Administrator Hash Disclosure Vulnerability

CVE-2021-45839 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) as well as other information such as MAC address, internal IP address etc. by performing a request to the /module/api.php?mobile/webNasIPS endpoint.

Learn more about our Web App Pen Testing.