CVE-2022-24990 CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation Usage Vulnerability Detection. python CVE-2022-24990.py -u http://127.0.0.1:8080 Upload a PHP webshell. python CVE-2022-24990.py -a http://127.0.0.1:8080 Reference https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/ http://wiki.peiqi.tech/wiki/webapp/TerraMaster/TerraMaster%20TOS%20createRaid%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2022-24990.html