VYPR

Blackarmor Nas 220 Firmware

by Seagate

CVEs (4)

  • CVE-2013-6924CriOct 11, 2017
    risk 0.68cvss 9.8epss 0.15

    Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

  • CVE-2013-6922Jan 21, 2014
    risk 0.03cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to…

  • CVE-2013-6923Jan 9, 2014
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter…

  • CVE-2012-2568May 25, 2012
    risk 0.00cvss epss 0.04

    d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors.