virus logo Intrusion Prevention

Seagate.Business.NAS.PreAuthentication.Code.Execution

description-logoDescription

This indicates an attack attempt against a File Inclusion vulnerability in Seagate Business NAS Web Service.
The vulnerability is caused by an error when handling the language parameter of the CodeIgniter session cookie. It allows a remote attacker to execute arbitrary code on vulnerable systems via a crafted http request.

affected-products-logoAffected Products

Seagate Business NAS 2014.00319 and earlier versions

Impact logoImpact

System Compromise: Remote attacker can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-08-04 18.133 Sig Added

References

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/seagate_nas_php_exec_noauth.rb http://www.exploit-db.com/exploits/36202/
ID 40204
Created Mar 19, 2015
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Linux
Affected App PHP_app