Seagate BlackArmor NAS Multiple Vulnerabilities Network Vulnerability

Summary

Seagate BlackArmor NAS is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow an attacker to execute arbitrary code as root or to obtain sensitive information which may aid in further attacks..

Solution

Ask the vendor for an update

Insight

Multiple security issues where found in Seagate BlackArmor NAS. 1. Multiple remote code execution vulnerabilities (root). 2. Multiple local file include vulnerabilities. 3. Multiple information disclosure vulnerabilities. 4. Multiple cross site scripting vulnerabilities.

Detection

Send a special crafted request which tries to execute the 'id' command.

References

http://www.seagate.com/external-hard-drives/network-storage/

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-6922, CVE-2013-6923, CVE-2013-6924

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe ColdFusion Authentication Bypass Vulnerability
AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities
Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
AstroSPACES profile.php SQL Injection Vulnerability

Take action and discover your vulnerabilities