TerraMaster is a well-known manufacturer of home NAS servers, characterized by fairly cheap devices with quite interesting technical specifications. TerraMaster uses its own operating system for its equipment; this operating system is based on Linux, as is the case with QNAP, Synology or ASUSTOR NAS. Security researchers have discovered critical security vulnerabilities in the operating system, so if you have a NAS from this manufacturer, pay special attention because your data may be at risk.

What is this security flaw?
Security researchers have discovered a number of critical security vulnerabilities that could be chained together to achieve remote unauthenticated code execution with root privileges. This means that any cybercriminal could infect our NAS server and carry out any action with superuser permissions, so it is a serious security flaw that you must take into account.
The security problem lies in TOS (TerraMaster Operating System), the operating system designed for TerraMaster devices. It allows users to manage storage and different services, install multimedia applications, perform backups and carry out many other actions we can do on a home NAS server. This security flaw can be exploited just by knowing the IP address of the NAS server. In addition, these flaws can be chained to get root permissions, so we would be completely exposed to a possible attack.

The first security flaw is cataloged as CVE-2022-24990. It is an information leak from a component called “webNASIPS”, which exposes the firmware version of the operating system, the IP address and MAC address of the default gateway interface, and the hashed admin key. The second flaw is cataloged as CVE-2022-24989 and consists of a command injection in a PHP module called “createRAID”. Both of these security flaws can be used to send a command for remote code execution.
Recently, TerraMaster users have been affected by a ransomware attack, as happened a few weeks ago with ASUSTOR and a few months ago with QNAP. Cybercriminals are believed to have exploited this vulnerability with the aim of infecting NAS servers and demanding ransom.
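The following is an added example, not code from TerraMaster or the researchers: a log triage script that flags clients whose requests reference the two components named above, and marks the leak-then-injection sequence as a chain. It assumes the NAS or a reverse proxy in front of it writes a common-format access log; the sample lines and the `/PLACEHOLDER/` path are constructed, since the article does not give the real request paths.

```python
import re
from collections import defaultdict

# Component names taken from the article, matched case-insensitively in the request target.
LEAK, INJECT = "webnasips", "createraid"

# Common/combined access-log prefix: client IP, timestamp, method, request target.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*"')

# Constructed sample lines; "/PLACEHOLDER/" stands in for the real path (an assumption).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Mar/2022:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
203.0.113.7 - - [01/Mar/2022:10:00:05 +0000] "GET /PLACEHOLDER/?x/webNASIPS HTTP/1.1" 200 310
203.0.113.7 - - [01/Mar/2022:10:00:06 +0000] "POST /PLACEHOLDER/?x/createRAID HTTP/1.1" 200 45
198.51.100.4 - - [01/Mar/2022:10:02:00 +0000] "GET /PLACEHOLDER/?x/webNASIPS HTTP/1.1" 200 310
malformed line
"""

def classify(log_text):
    """Return {client_ip: verdict} for clients that touched either component."""
    seen = defaultdict(list)  # ip -> component hits in log order
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in access-log format
        ip, _ts, _method, target = m.groups()
        lowered = target.lower()
        for name in (LEAK, INJECT):
            if name in lowered:
                seen[ip].append(name)
    verdicts = {}
    for ip, hits in seen.items():
        if LEAK in hits and INJECT in hits[hits.index(LEAK):]:
            verdicts[ip] = "chain"        # info leak followed by the injection module
        elif INJECT in hits:
            verdicts[ip] = "inject-only"
        else:
            verdicts[ip] = "leak-only"
    return verdicts

if __name__ == "__main__":
    for ip, verdict in classify(SAMPLE_LOG).items():
        print(ip, verdict)
```

A "chain" verdict from an address outside your own network on a device running a version prior to 4.2.30 is a reason to treat the NAS as potentially compromised, not just to update it.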
What version does this bug affect?
The TerraMaster development team has released a major update, 4.2.30, to fix this serious security flaw. It was released just a week ago, so it is highly recommended that you start an OS update as soon as possible, because all versions prior to 4.2.30 are affected by this very serious bug.
This new version of the operating system also puts an end to DeadBolt ransomware, a ransomware that has affected the company’s NAS servers, encrypting all user data and causing the loss of a large amount of information. If you have not yet installed the latest version, TOS 4.2.30, we recommend you access the official TerraMaster website, where you will be able to find all the details.