Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:SEAGATE-NAS-RCE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Seagate Business NAS Pre-Authentication Remote Code Execution
Release Date	2015/03/02
Update Number	2471
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Seagate Business NAS Pre-Authentication Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Seagate Business Network Attached Storage. A successful attack can lead to arbitrary code execution.

Extended Description

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens.

Affected Products

Seagate business_nas_firmware 2014.00319

References

CVE: CVE-2014-8687

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Seagate Business NAS Pre-Authentication Remote Code Execution

Extended Description

Affected Products

References