CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-12298

HIGH
7.5
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile44.24th
Published2019年5月13日
Last Modified2024年11月21日

Vulnerability Description

Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path.

Affected Platforms (CPE)

💻
Seagate

Nas Os

= 4.3.15.1

References & Advisories

🔗 https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170
🔗 https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170

相關漏洞威脅

CVE-2007-154310.0

Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a S...

CVE-2008-708110.0

userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain admini...

CVE-2021-2879910.0

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, th...

CVE-2013-566710.0

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action wi...