📦

stcg2000300

Vendor: seagate

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 1 Code Available
Total RCEs 1 Remote Access
Total CVEs 1 Total Indexed
Avg. EPSS 14.26% Exploit Prob.
Latest CVE CVE-2020-6627 Dec 06

Security Vulnerability Index

Page 1 / 1
9.8 CVSS
CVE-2020-6627
RCE Exploit Found

The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the "start" state and sending a check_device_name request.

EPSS: 14.26%