Unrated severityNVD Advisory· Published Jan 21, 2014· Updated Jun 17, 2026
CVE-2013-6922
CVE-2013-6922
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:h:seagate:blackarmor_nas_220:st320005lsa10g-rk:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:h:seagate:blackarmor_nas_220:st320005lsa10g-rk:*:*:*:*:*:*:*
- cpe:2.3:h:seagate:blackarmor_nas_220:st340005lsa10g-rk:*:*:*:*:*:*:*
- cpe:2.3:h:seagate:blackarmor_nas_220:stav6000100:*:*:*:*:*:*:*
- cpe:2.3:o:seagate:blackarmor_nas_220_firmware:sg2000-2000.1331:*:*:*:*:*:*:*
- (no CPE)range: firmware sg2000-2000.1331
Patches
Vulnerability mechanics
References
2- www.exploit-db.com/exploits/30726nvdExploit
- secunia.com/advisories/56047nvdVendor Advisory
News mentions
0No linked articles in our index yet.