← Back

CVE-2015-2876

nvd nist
Published: Dec 31, 2015Modified: May 6, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.

Affected (5)

Lacie
2 products
Lac9000436u Firmware
Lac9000464u Firmware
Seagate
3 products
Wireless Mobile Storage
Wireless Plus Mobile Storage
Goflex Sattelite
Configuration A
2 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Lac9000436u Firmware
Up to 2.3.0.014
Lac9000464u Firmware
Up to 2.3.0.014
Running on/withPlatform Versions
Lacie
Lac9000436u
All versions
Lacie
Lac9000464u
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Wireless Mobile Storage
All versions
Wireless Plus Mobile Storage
All versions
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Goflex Sattelite
All versions

References (6)

Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.