Critical severity9.8NVD Advisory· Published Dec 31, 2015· Updated May 6, 2026

CVE-2015-2874

Description

Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.

Affected products

Seagate/Wireless Mobile Storage
cpe:2.3:h:seagate:wireless_mobile_storage:*:*:*:*:*:*:*:*
Seagate/Wireless Plus Mobile Storage
cpe:2.3:h:seagate:wireless_plus_mobile_storage:*:*:*:*:*:*:*:*
Lacie/Lac9000436u Firmware
cpe:2.3:o:lacie:lac9000436u_firmware:*:*:*:*:*:*:*:*
Range: <=2.3.0.014
Lacie/Lac9000464u Firmware
cpe:2.3:o:lacie:lac9000464u_firmware:*:*:*:*:*:*:*:*
Range: <=2.3.0.014
Seagate/Goflex Sattelite
cpe:2.3:h:seagate:goflex_sattelite:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/903500nvdThird Party AdvisoryUS Government Resource
www.kb.cert.org/vuls/id/GWAN-9ZGTUHnvdThird Party AdvisoryUS Government Resource
www.kb.cert.org/vuls/id/GWAN-A26L3FnvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000