VYPR
Unrated severityNVD Advisory· Published Jan 21, 2014· Updated Jun 17, 2026

CVE-2013-6922

CVE-2013-6922

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:h:seagate:blackarmor_nas_220:st320005lsa10g-rk:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:h:seagate:blackarmor_nas_220:st320005lsa10g-rk:*:*:*:*:*:*:*
    • cpe:2.3:h:seagate:blackarmor_nas_220:st340005lsa10g-rk:*:*:*:*:*:*:*
    • cpe:2.3:h:seagate:blackarmor_nas_220:stav6000100:*:*:*:*:*:*:*
    • cpe:2.3:o:seagate:blackarmor_nas_220_firmware:sg2000-2000.1331:*:*:*:*:*:*:*
    • (no CPE)range: firmware sg2000-2000.1331

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.