The vulnerability of the `localJob.php` and `pre_connect_check.php` scripts in the web interface of Seagate BlackArmor NAS software for network storage systems allows a hacker to execute arbitrary code.

The vulnerability of the localJob.php /backupmgt/localJob.php and preconnectcheck.php backupmgmt/preconnectcheck.php web interfaces of the Seagate BlackArmor NAS software solution is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute...

Code injection

Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the authname parameter to localhost/backupmgmt/preconnectcheck.php...

CVE-2014-3205

The CVE-2014-3205 issue affects Seagate BlackArmor NAS in backupmgt/pre_connect_check.php, where a backdoor user is authenticated using a hard-coded password '!~@##$$%FREDESWWSED'. The vulnerability is documented across multiple sources (NVD entry, CNVD/CVE records, and CNVD Chinese advisory) and...