Summary
Seagate BlackArmor NAS is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow an attacker to execute arbitrary code as root or to obtain sensitive information which may aid in further attacks..
Solution
Ask the vendor for an update
Insight
Multiple security issues where found in Seagate BlackArmor NAS.
1. Multiple remote code execution vulnerabilities (root).
2. Multiple local file include vulnerabilities.
3. Multiple information disclosure vulnerabilities.
4. Multiple cross site scripting vulnerabilities.
Detection
Send a special crafted request which tries to execute the 'id' command.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2013-6922, CVE-2013-6923, CVE-2013-6924 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities