CVE-2020-28187

9.8 CRITICAL

📋 TL;DR

CVE-2020-28187 is a critical directory traversal vulnerability in TerraMaster TOS that allows authenticated attackers to read, edit, or delete any file on the system. This affects TerraMaster NAS devices running TOS version 4.2.06 or earlier. Attackers can exploit this through multiple API endpoints to compromise the entire filesystem.

💻 Affected Systems

Products:
  • TerraMaster TOS
Versions: <= 4.2.06
Operating Systems: TerraMaster NAS OS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all TerraMaster NAS devices running vulnerable TOS versions. Authentication is required, but any valid account suffices, including unchanged default credentials.

📦 What is this software?

TerraMaster TOS is the Linux-based operating system that ships on TerraMaster NAS appliances. It is administered through a web interface, and the affected endpoints belong to that interface.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise including data destruction, ransomware deployment, credential theft, and lateral movement to other systems on the network.

🟠

Likely Case

Data theft, file manipulation, service disruption, and potential privilege escalation leading to full system control.

🟢

If Mitigated

Limited impact if proper network segmentation, strict access controls, and file integrity monitoring are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authentication but is straightforward once authenticated. Multiple proof-of-concept examples exist in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TOS 4.2.07 or later

Vendor Advisory: https://www.terra-master.com/

Restart Required: Yes

Instructions:

1. Log into the TerraMaster TOS web interface.
2. Navigate to Control Panel > General Settings > Update & Restore.
3. Check for updates and install TOS 4.2.07 or later.
4. Reboot the NAS after the update completes.

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict access to TerraMaster TOS web interface to trusted IP addresses only

Authentication Hardening

all

Enforce strong passwords, enable 2FA if available, and disable default accounts

🧯 If You Can't Patch

  • Isolate TerraMaster NAS on separate VLAN with strict firewall rules
  • Implement file integrity monitoring and alert on unauthorized file access/modification

🔍 How to Verify

Check if Vulnerable:

Check TOS version in web interface: Control Panel > General Settings > About. If version is 4.2.06 or earlier, system is vulnerable.

Check Version:

Check via web interface or SSH: cat /etc/version

Verify Fix Applied:

Verify the TOS version is 4.2.07 or later. Then, from an authenticated session, re-test the affected endpoints with a path traversal payload and confirm the request is rejected instead of returning file contents.
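The version check above is easy to get wrong with a string comparison (for example "4.2.10" sorts before "4.2.07" lexicographically in some tools). The following helper is an added example, not code from TerraMaster or from this advisory; it parses a version string as shown on the About page or by `cat /etc/version` and compares it numerically against the 4.2.07 fix version named on this page.

```python
import re

# Fix version stated in this advisory: TOS 4.2.07 or later is patched.
FIXED_VERSION = (4, 2, 7)


def parse_version(text: str) -> tuple:
    """Extract the first dotted x.y.z version from free text (About page,
    /etc/version output) and return it as an integer tuple, so that
    4.2.10 compares greater than 4.2.07. A plain string comparison or a
    float conversion would get this wrong."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version_text: str) -> bool:
    """True when the reported TOS version is below the fixed release."""
    return parse_version(version_text) < FIXED_VERSION


if __name__ == "__main__":
    # Constructed sample strings, not output captured from a real device.
    for sample in ("TOS 4.2.06", "4.2.07", "Version: 4.2.10", "4.1.30"):
        state = "VULNERABLE" if is_vulnerable(sample) else "patched"
        print(f"{sample!r}: {state}")
```

Any version string that does not contain an x.y.z pattern raises rather than silently passing, so an unexpected format is surfaced instead of being reported as patched.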

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns
  • Multiple failed authentication attempts followed by successful login
  • Requests to vulnerable endpoints (/tos/index.php?editor/fileGet, /include/ajax/logtable.php, /include/core/index.php) with directory traversal patterns

Network Indicators:

  • HTTP requests containing '../' or '..\' path traversal sequences, including their URL-encoded forms (e.g. %2e%2e%2f) and double-encoded forms (e.g. %252e%252e%252f)
  • Unusual file download patterns from NAS

SIEM Query:

source="terramaster" AND (uri="*editor/fileGet*" OR uri="*logtable.php*" OR uri="*core/index.php*") AND (uri="*../*" OR uri="*..\\*" OR uri="*%2e%2e*" OR uri="*%2E%2E*" OR param="*../*")
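A literal search for '../' misses percent-encoded and double-encoded traversal sequences, which is the usual way an attacker evades a pattern like the query above. The script below is an added example, not part of this advisory or of any TerraMaster tooling. It scans web access log lines in common log format, percent-decodes the request target repeatedly, and flags only requests to the three endpoints listed on this page that contain a traversal sequence after decoding. The log lines are constructed for the example, and the query parameter names in them (f, p, d) are placeholders, since this page does not name the actual parameters.

```python
import re
from urllib.parse import unquote

# Endpoints this advisory lists as reachable with traversal payloads.
VULN_ENDPOINTS = (
    "/tos/index.php?editor/fileGet",
    "/include/ajax/logtable.php",
    "/include/core/index.php",
)

# "../" or "..\" anywhere in the decoded request target.
TRAVERSAL_RE = re.compile(r"\.\.[\\/]")

# Common-log-format request line: client, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log; parameter names f/p/d are placeholders, not TOS parameters.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Dec/2020:10:01:02 +0000] "GET /tos/index.php?editor/fileGet HTTP/1.1" 200 512
10.0.0.9 - - [12/Dec/2020:10:01:09 +0000] "GET /include/ajax/logtable.php?f=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1843
10.0.0.9 - - [12/Dec/2020:10:01:15 +0000] "POST /include/core/index.php HTTP/1.1" 200 77
10.0.0.9 - - [12/Dec/2020:10:01:20 +0000] "GET /tos/index.php?editor/fileGet&p=%2e%2e%5c%2e%2e%5cetc%5chosts HTTP/1.1" 200 90
10.0.0.9 - - [12/Dec/2020:10:01:31 +0000] "GET /include/core/index.php?d=%252e%252e%252fetc%252fhostname HTTP/1.1" 200 40
10.0.0.7 - - [12/Dec/2020:10:02:00 +0000] "GET /tos/index.php?app/list HTTP/1.1" 200 300
10.0.0.7 - - [12/Dec/2020:10:02:05 +0000] "GET /static/img/..%2Flogo.png HTTP/1.1" 404 0
"""


def decode_target(target: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, so both %2e%2e%2f and
    the double-encoded %252e%252e%252f collapse to '../'. Bounded so a
    pathological input cannot loop."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def matched_endpoint(decoded_target: str):
    """Return the listed vulnerable endpoint this request targets, or None."""
    for endpoint in VULN_ENDPOINTS:
        if decoded_target.startswith(endpoint):
            return endpoint
    return None


def find_traversal_hits(log_text: str) -> list:
    """Flag requests to the listed endpoints whose decoded target contains
    a traversal sequence. Returns one dict per hit."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand
        decoded = decode_target(m["target"])
        endpoint = matched_endpoint(decoded)
        if endpoint and TRAVERSAL_RE.search(decoded):
            hits.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "endpoint": endpoint,
                "target": decoded,
                "status": m["status"],
            })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_hits(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['endpoint']} -> {hit['target']} ({hit['status']})")
```

Two caveats worth noting: a POST whose traversal payload travels in the request body (like the third sample line) leaves nothing in an access log and needs the application log or a request-inspecting proxy to catch; and a traversal sequence against a path outside the three listed endpoints (the last sample line) is deliberately not flagged here, though it is still a reasonable lower-severity alert under the generic indicator above.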
