Seagate » Blackarmor Nas 220 Firmware : Security Vulnerabilities, CVEs, CVSS score >= 7
Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.
Max CVSS
10.0
EPSS Score
25.61%
Published
2018-02-23
Updated
2018-03-19
backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user.
Max CVSS
10.0
EPSS Score
1.10%
Published
2018-02-23
Updated
2018-03-18
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.
Max CVSS
10.0
EPSS Score
2.96%
Published
2017-10-11
Updated
2017-11-03
3 vulnerabilities found