CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Seagate 2Blackarmor Nas 110 Firmware Blackarmor Nas 220 FirmwareNov 21, 2024 Feb 23, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php. |
1Seagate 2Blackarmor Nas 110 Firmware Blackarmor Nas 220 FirmwareNov 21, 2024 Feb 23, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user. |
1Seagate 1Blackarmor Nas 220 Firmware May 13, 2026 Oct 11, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php. |
1Seagate 2Blackarmor Nas 220 Blackarmor Nas 220 FirmwareApr 29, 2026 Jan 21, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that...Show more |
1Seagate 2Blackarmor Nas 220 Blackarmor Nas 220 FirmwareApr 29, 2026 Jan 9, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to adm...Show more |