Showing 1 - 1 of 1

CVE-2020-6627

Status Candidate

Overview

The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the "start" state and sending a check_device_name request.

Related Files

Seagate Central Storage 2015.0916 User Creation / Command Execution: Posted May 26, 2023; Authored by Ege Balci | Site metasploit.com; This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such as broken access control. It makes it possible to change the device state and register a new admin user which is capable of SSH access.; tags | exploit, vulnerability; advisories | CVE-2020-6627; SHA-256 | 0c0244a7cf8607e5471c8c892d6c5977f98fef410819f0a4cba83bca34b40d39; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 236 files
Ubuntu 90 files
Gentoo 31 files
Debian 23 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,077)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,339)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,263)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,651)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

CVE-2020-6627

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems