📦

wireless_plus_mobile_storage

Vendor: seagate

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 6 Total Indexed

Avg. EPSS 2.30% Exploit Prob.

Latest CVE CVE-2015-2876 Dec 31

Security Vulnerability Index

Page 1 / 1

8.8 CVSS

CVE-2015-2876

RCE

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.

EPSS: 1.45%

Severity: HIGH

Dec 31, 2015

7.5 CVSS

CVE-2015-2875

Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session.

EPSS: 2.43%

Severity: HIGH

Dec 31, 2015

9.8 CVSS

CVE-2015-2874

Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.

EPSS: 3.02%

Severity: CRITICAL

Dec 31, 2015

Displaying 3 of 6 Total Entries

Total 1 Sections