Title:Terramaster TOS 路径遍历漏洞 (CVE-2020-28187) Description:Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php, or opt parameter to /include/core/index.php.
File Snapshot
# TerraMaster TOS 后台任意文件读取漏洞 CVE-2020-28187
## 漏洞描述
TerraMaster TOS <= 4.2.06中的多个目录遍历漏洞允许远程身份验证的攻击
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →