Vulnerabilities > CVE-2015-2876

047910
CVSS 8.3 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
low complexity
lacie
seagate

Summary

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session. <a href="http://cwe.mitre.org/data/definitions/434.html">CWE-434: Unrestricted Upload of File with Dangerous Type</a>

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/138597/bsnlteracom-upload.txt
idPACKETSTORM:138597
last seen2016-12-05
published2016-09-03
reporterAjay Gowtham
sourcehttps://packetstormsecurity.com/files/138597/BSNL-Teracom-Router-Firmware-Rewrite-Link-Modification.html
titleBSNL Teracom Router Firmware Rewrite / Link Modification