3 matches found
CVE-2018-12296
Insufficient access control in /api/external/7.0/system.System.getinfos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests...
CVE-2018-12296
creationtimestamp| type| source ---|---|--- 2019-05-13 16:26:18+00:00| seen| https://t.me/cibsecurity/4267 2024-11-04 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-04 2024-11-10 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabiliti...
CVE-2018-12296
CVE-2018-12296 affects Seagate NAS OS 4.3.15.1. The issue is insufficient access control on the API endpoint /api/external/7.0/system.System.get_infos, permitting an unauthenticated attacker to obtain information about the NAS via empty POST requests. The NVD and connected templates describe this...