9.9 High
AI Score
Confidence
High
0.855 High
EPSS
Percentile
98.6%
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
blogs.securiteam.com/index.php/archives/3548
www.exploit-db.com/exploits/43659/