Lucene search
+L

347 matches found

0day.today
0day.today
added 2015/06/04 12:0 a.m.43 views

Seagate Central Remote Root Exploit

Seagate Central by default has a passwordless root account and no option to change it. This exploit logs into the ftp server and uploads a php shell to the webroot. From there, the uploaded shell can execute commands with root privileges as lighttpd. !/usr/bin/python seagateftpremoteroot.py Seaga...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/04 12:0 a.m.32 views

Seagate Central Remote Root

!/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this is to log into it's ftp server and upload a php shell to th...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/04 12:0 a.m.43 views

Seagate Central Remote Facebook Access Token

!/usr/bin/python seagatecentralfacebook.py Seagate Central Remote Facebook Access Token Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central stores linked Facebook account access tokens in /etc/archiveaccounts.ser and this exploit takes advantage of two bugs: 1 Passwordless...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2015/06/03 12:0 a.m.29 views

Seagate Central 2014.0410.0026-F - Remote Command Execution

Seagate Central 2014.0410.0026-F - Remote Command Execution !/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2015/06/03 12:0 a.m.40 views

Seagate Central 2014.0410.0026-F - Remote Facebook Access Token

Seagate Central 2014.0410.0026-F - Remote Facebook Access Token !/usr/bin/python seagatecentralfacebook.py Seagate Central Remote Facebook Access Token Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central stores linked Facebook account access tokens in /etc/archiveaccounts.se...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2015/06/03 12:0 a.m.40 views

Seagate Central 2014.0410.0026-F - Remote Facebook Access Token

!/usr/bin/python seagatecentralfacebook.py Seagate Central Remote Facebook Access Token Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central stores linked Facebook account access tokens in /etc/archiveaccounts.ser and this exploit takes advantage of two bugs: 1 Passwordless...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/06/03 12:0 a.m.34 views

Seagate Central 2014.0410.0026-F - Remote Command Execution

!/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this is to log into it's ftp server and upload a php shell to th...

7.4AI score
Exploits0
CNVD
CNVD
added 2015/03/11 12:0 a.m.36 views

Seagate Business Storage 2-Bay NAS Remote Code Execution Vulnerability

The Seagate Business Storage 2-Bay NAS is an enterprise-class network storage server from Seagate USA. A remote code execution vulnerability exists in the Seagate Business Storage 2-Bay NAS. An attacker can exploit this vulnerability to execute arbitrary code with root privileges, which may also...

10CVSS8.5AI score0.43813EPSS
Exploits7References1
ThreatPost
ThreatPost
added 2015/03/09 10:52 a.m.7 views

Seagate Confirms NAS Zero Day, Won't Patch Until May

Seagate, over the weekend, confirmed the zero-day vulnerability in its Seagate Business Storage 2-Bay NAS boxes disclosed March 1. But in the same breath, told customers exposed to the vulnerability that a patch is still two months away. “For those customers who choose to keep their networks open...

7.6AI score
Exploits0References4
Exploit DB
Exploit DB
added 2015/03/04 12:0 a.m.57 views

Seagate Business NAS - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class MetasploitModule 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Busine...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/03/03 12:0 a.m.87 views

Seagate Business NAS Unauthenticated Remote Command Execution Exploit

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open ...

10CVSS9.2AI score0.71515EPSS
Exploits8
ThreatPost
ThreatPost
added 2015/03/02 9:43 a.m.37 views

Seagate Business NAS Firmware Vulnerabilities Disclosed

Firmware running on certain Seagate network-attached storage devices that are popular with small businesses and home offices, are vulnerable to remote attacks. Researchers at Beyond Binary, a security consulting firm in Australia, on Sunday went public with their disclosure after a nearly...

7.8AI score
Exploits0References1
myhack58
myhack58
added 2015/03/02 12:0 a.m.21 views

Seagate NAS appears remote code execution vulnerability-vulnerability warning-the black bar safety net

Foreign security researcher OJ Reeves found the Seagate NAS one remote code execution vulnerability, and in the last year of the 1 0-month 7 Report to the official, but 1 3 0 days past the official still does not fix the vulnerability, so today he released the vulnerability details. ! Overview...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2015/03/02 12:0 a.m.63 views

Seagate Business NAS Unauthenticated Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Business NA...

6.8CVSS0.7AI score0.71515EPSS
Exploits8
Metasploit
Metasploit
added 2015/03/01 3:25 a.m.81 views

Seagate Business NAS Unauthenticated Remote Command Execution

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open ...

9.8CVSS9.5AI score0.71515EPSS
Exploits8
The Hacker News
The Hacker News
added 2015/03/01 12:50 a.m.67 views

Seagate NAS Zero-Day Vulnerability allows Unauthorized Root Access Remotely

Seagate, a popular vendor of hardware solutions, has a critical zero-day vulnerability in its Network Attached Storage NAS device software that possibly left thousands of its users vulnerable to hackers. Seagate's Business Storage 2-Bay NAS product, found in home and business networks, is...

5CVSS8.3AI score0.37222EPSS
Exploits8
exploitpack
exploitpack
added 2015/03/01 12:0 a.m.26 views

Seagate Business NAS 2014.00319 - Remote Code Execution

Seagate Business NAS 2014.00319 - Remote Code Execution !/usr/bin/env python Seagape ======= Seagate Business NAS pre-authentication remote code execution exploit as root user. by OJ Reeves @TheColonial - for full details please see https://beyondbinary.io/advisory/seagate-nas-rce/ Usage =====...

8.1AI score
Exploits0
0day.today
0day.today
added 2015/03/01 12:0 a.m.89 views

Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0day)

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open ...

10CVSS9.2AI score0.71515EPSS
Exploits8
Packet Storm
Packet Storm
added 2015/03/01 12:0 a.m.49 views

Seagate Business NAS 2014.00319 Remote Code Execution

!/usr/bin/env python Seagape ======= Seagate Business NAS pre-authentication remote code execution exploit as root user. by OJ Reeves @TheColonial - for full details please see https://beyondbinary.io/advisory/seagate-nas-rce/ Usage ===== seagape.py -c ua - ip : ip or host name of the target NAS ...

6.4CVSS9.7AI score0.43813EPSS
Exploits7
Exploit DB
Exploit DB
added 2015/03/01 12:0 a.m.65 views

Seagate Business NAS 2014.00319 - Remote Code Execution

!/usr/bin/env python Seagape ======= Seagate Business NAS pre-authentication remote code execution exploit as root user. by OJ Reeves @TheColonial - for full details please see https://beyondbinary.io/advisory/seagate-nas-rce/ Usage ===== seagape.py -c ua - ip : ip or host name of the target NAS ...

7.4AI score
Exploits0
Rows per page
Query Builder