CVE-2018-5347

2018-01-12T01:29:00
ID CVE-2018-5347
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.