CVE-2020-28188

Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt