Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 06 Feb 2021, 18:50
by cocoykira
Just to let you know, guys, that it is normal to be infected. This TerraMaster NAS is an extremely BIG hole of vulnerabilities.

This is a report of the UPnP service (which is the basic service that I have up and running):

49152/tcp open upnp Portable SDK for UPnP devices 1.6.22 (Linux 4.13.16; UPnP 1.0)
| vulners:
| cpe:/o:linux:linux_kernel:4.13.16:
| CVE-2019-14901 10.0 https://vulners.com/cve/CVE-2019-14901
| PACKETSTORM:135372 9.3 https://vulners.com/packetstorm/PACKETSTORM:135372 *EXPLOIT*
| CVE-2018-20836 9.3 https://vulners.com/cve/CVE-2018-20836
| CVE-2015-0571 9.3 https://vulners.com/cve/CVE-2015-0571
| CVE-2015-0570 9.3 https://vulners.com/cve/CVE-2015-0570
| CVE-2015-0569 9.3 https://vulners.com/cve/CVE-2015-0569
| 1337DAY-ID-25771 9.3 https://vulners.com/zdt/1337DAY-ID-25771 *EXPLOIT*
| CVE-2019-11477 7.8 https://vulners.com/cve/CVE-2019-11477
| CVE-2018-5391 7.8 https://vulners.com/cve/CVE-2018-5391
| CVE-2018-5390 7.8 https://vulners.com/cve/CVE-2018-5390
| EXPLOITPACK:669B77DE42FC41B271BD53577DECE916 7.5 https://vulners.com/exploitpack/EXPLOIT ... 577DECE916 *EXPLOIT*
| CVE-2019-14895 7.5 https://vulners.com/cve/CVE-2019-14895
| CVE-2019-14835 7.2 https://vulners.com/cve/CVE-2019-14835
| CVE-2018-8781 7.2 https://vulners.com/cve/CVE-2018-8781
| CVE-2018-6555 7.2 https://vulners.com/cve/CVE-2018-6555
| CVE-2018-14619 7.2 https://vulners.com/cve/CVE-2018-14619
| CVE-2018-1068 7.2 https://vulners.com/cve/CVE-2018-1068
| CVE-2017-15115 7.2 https://vulners.com/cve/CVE-2017-15115
| EXPLOITPACK:D8B1BFCB08D0FAA92CCBDBD01EF88A3F 6.9 https://vulners.com/exploitpack/EXPLOIT ... D01EF88A3F *EXPLOIT*
| EDB-ID:44305 6.9 https://vulners.com/exploitdb/EDB-ID:44305 *EXPLOIT*
| CVE-2020-10757 6.9 https://vulners.com/cve/CVE-2020-10757
| CVE-2018-5814 6.9 https://vulners.com/cve/CVE-2018-5814
| CVE-2017-1000405 6.9 https://vulners.com/cve/CVE-2017-1000405
| CVE-2018-18559 6.8 https://vulners.com/cve/CVE-2018-18559
| CVE-2018-1000026 6.8 https://vulners.com/cve/CVE-2018-1000026
| CVE-2018-1000204 6.3 https://vulners.com/cve/CVE-2018-1000204
| CVE-2017-1000407 6.1 https://vulners.com/cve/CVE-2017-1000407
| CVE-2019-19332 5.6 https://vulners.com/cve/CVE-2019-19332
| CVE-2019-18282 5.0 https://vulners.com/cve/CVE-2019-18282
| CVE-2019-16921 5.0 https://vulners.com/cve/CVE-2019-16921
| CVE-2019-11478 5.0 https://vulners.com/cve/CVE-2019-11478
| CVE-2019-10639 5.0 https://vulners.com/cve/CVE-2019-10639
| CVE-2018-6412 5.0 https://vulners.com/cve/CVE-2018-6412
| CVE-2018-16871 5.0 https://vulners.com/cve/CVE-2018-16871
| CVE-2017-1000410 5.0 https://vulners.com/cve/CVE-2017-1000410
| CVE-2018-6554 4.9 https://vulners.com/cve/CVE-2018-6554
| CVE-2018-5803 4.9 https://vulners.com/cve/CVE-2018-5803
| CVE-2018-18690 4.9 https://vulners.com/cve/CVE-2018-18690
| CVE-2018-14646 4.9 https://vulners.com/cve/CVE-2018-14646
| CVE-2018-1130 4.9 https://vulners.com/cve/CVE-2018-1130
| CVE-2018-10074 4.9 https://vulners.com/cve/CVE-2018-10074
| CVE-2018-10021 4.9 https://vulners.com/cve/CVE-2018-10021
| CVE-2010-5321 4.9 https://vulners.com/cve/CVE-2010-5321
| 1337DAY-ID-31841 4.9 https://vulners.com/zdt/1337DAY-ID-31841 *EXPLOIT*
| 1337DAY-ID-31840 4.9 https://vulners.com/zdt/1337DAY-ID-31840 *EXPLOIT*
| PACKETSTORM:141914 4.6 https://vulners.com/packetstorm/PACKETSTORM:141914 *EXPLOIT*
| EDB-ID:41761 4.6 https://vulners.com/exploitdb/EDB-ID:41761 *EXPLOIT*
| CVE-2020-14390 4.6 https://vulners.com/cve/CVE-2020-14390
| CVE-2018-20976 4.6 https://vulners.com/cve/CVE-2018-20976
| CVE-2018-20854 4.6 https://vulners.com/cve/CVE-2018-20854
| CVE-2018-18281 4.6 https://vulners.com/cve/CVE-2018-18281
| CVE-2018-10853 4.6 https://vulners.com/cve/CVE-2018-10853




The bad thing about this NAS is that the setup just sucks: there is no chance to create a firewall and there are no clear rules to block ALL incoming traffic from outside.

Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 07 Feb 2021, 19:20
by sianderson
While I am sure you are correct from an inside network scan, from my understanding these are only susceptible by someone opening a port from the outside world directly to the NAS drive (but also, interestingly, a couple of those on your list refer to a WiFi chipset; I'm not aware the F2-210 has a WiFi chipset on it?), so I'm wondering if your scan is getting confused or just listing general vulnerabilities with the kernel version rather than actual risks posed by the NAS unit itself?

I understand UPnP concepts, and the only port that my F2-210 had opened up on my router was for Plex, when I accidentally said yes to asking for it to be accessible to the outside world. Other than that, no one is able to access the NAS drive from the internet. I guess perhaps the more sensible option would be for internet service providers to turn off UPnP by default on the router to make things more secure and only enable it for people who want to use that feature, but that is more about the ISP making a network insecure rather than a reflection on TM.

Just, I have noticed there is a beta version of a new TOS version that uses a newer kernel (at least for x86 models), so TM are moving in the right direction, which I assume, once this becomes mainstream, would reduce your scan list.
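
An added example (not part of any post in this thread): a small Python parser for the vulners output format quoted above that groups each finding by the CPE it was listed under, which separates findings matched on the kernel version string in the service banner from findings matched on the listening service itself. The function names and the "service"/"platform" labels are this example's own; the sample lines are taken from the quoted scan.

```python
import re
from collections import defaultdict

# Sample input: a handful of lines taken from the scan quoted in this thread.
SAMPLE = """\
49152/tcp open upnp Portable SDK for UPnP devices 1.6.22 (Linux 4.13.16; UPnP 1.0)
| vulners:
| cpe:/o:linux:linux_kernel:4.13.16:
| CVE-2019-14901 10.0 https://vulners.com/cve/CVE-2019-14901
| PACKETSTORM:135372 9.3 https://vulners.com/packetstorm/PACKETSTORM:135372 *EXPLOIT*
| CVE-2019-11477 7.8 https://vulners.com/cve/CVE-2019-11477
| CVE-2018-10853 4.6 https://vulners.com/cve/CVE-2018-10853
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)")
# CPE 2.2 URI; the part letter is a=application, o=operating system, h=hardware.
CPE_RE = re.compile(r"^\|[\s_]*(cpe:/([aoh]):\S+?):?\s*$")
ITEM_RE = re.compile(r"^\|[\s_]*(\S+)\s+(\d+\.\d+)\s+(https?://\S+)(.*)$")

def parse_vulners(text):
    """Return one dict per finding, tagged with the port and CPE it was listed under."""
    findings, port, cpe, part = [], None, None, None
    for line in text.splitlines():
        if m := PORT_RE.match(line):
            port, cpe, part = f"{m[1]}/{m[2]}", None, None
        elif m := CPE_RE.match(line):
            cpe, part = m[1], m[2]
        elif cpe and (m := ITEM_RE.match(line)):
            findings.append({"port": port, "cpe": cpe, "part": part, "id": m[1],
                             "cvss": float(m[2]), "exploit": "*EXPLOIT*" in m[4]})
    return findings

def triage(findings):
    """Group by what was matched: the listening service itself, or the platform
    (OS/hardware) that the service banner merely advertises."""
    groups = defaultdict(list)
    for f in findings:
        groups["service" if f["part"] == "a" else "platform"].append(f)
    return dict(groups)

if __name__ == "__main__":
    for group, items in triage(parse_vulners(SAMPLE)).items():
        cpes = sorted({f["cpe"] for f in items})
        print(f"{group}: {len(items)} findings matched on {cpes}")
        for f in sorted(items, key=lambda f: -f["cvss"]):
            print(f"  {f['cvss']:>4} {f['id']}{'  (public exploit listed)' if f['exploit'] else ''}")
```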

Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 07 Feb 2021, 23:44
by TMroy
@cocoykira
Install the new patch 1.04; most vulnerabilities inside the kernel can be fixed by this patch. Also, the kernel is updated to 4.19 from TOS 4.2.10 beta.

Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 08 Feb 2021, 14:33
by cocoykira
@TMroy
I have installed all latest updates. How do I install the patch 1.04?
sianderson wrote: 07 Feb 2021, 19:20 While I am sure you are correct from an inside network scan, from my understanding these are only susceptible by someone opening a port from the outside world directly to the NAS drive (but also, interestingly, a couple of those on your list refer to a WiFi chipset; I'm not aware the F2-210 has a wifi .....
You are right, this is a scan from inside the network. But the vulnerabilities are there, and it is just a matter of having a vulnerable device in your network to do the jump to other ones. Let's hope that they spend time on fixing their problems.

Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 08 Feb 2021, 14:52
by TMRyan
@cocoykira
Hello, you can refer to this link: viewtopic.php?f=28&t=1559

Re: My TerraMaster F2-210 has been infected by Ransomware eCh0raix / QNAPCrypt

Posted: 09 Feb 2021, 20:42
by cocoykira
@TMRyan

Many thanks, updated now!!!