📦

personal_cloud

Vendor: seagate

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 1 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 26.29% Exploit Prob.

Latest CVE CVE-2017-18263 Apr 28

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2017-18263

Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.

EPSS: 5.57%

Severity: HIGH

Apr 28, 2018

9.8 CVSS

CVE-2018-5347

RCE Exploit Found

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.

EPSS: 47.02%

Severity: CRITICAL

Jan 12, 2018

Displaying 2 of 2 Total Entries

Total 1 Sections