Security Advisory

CVE-2020-28190

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-24 14:34:32

Last updated 2024-08-04 16:33:57

Assigner mitre

State PUBLISHED

Description

TerraMaster TOS <= 4.2.06 was found to check for updates (of both system and applications) via an insecure channel (HTTP). Man-in-the-middle attackers are able to intercept these requests and serve a weaponized/infected version of applications or updates.

← Browse all CVEs View on cve.org ↗