VYPR

BlackArmor

by Seagate

CVEs (4)

  • CVE-2014-3206CriFeb 23, 2018
    risk 0.68cvss 9.8epss 0.53

    Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.

  • CVE-2013-6924CriOct 11, 2017
    risk 0.68cvss 9.8epss 0.15

    Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

  • CVE-2014-3205CriFeb 23, 2018
    risk 0.64cvss 9.8epss 0.03

    backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user.

  • CVE-2012-2568May 25, 2012
    risk 0.00cvss epss 0.04

    d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors.