CVE-2015-2876
published 2015-12-31CVE-2015-2876: Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL…
PriorityP353high8.8CVSS 3.0
AVAACLPRNUINSUCHIHAH
EPSS
2.77%
84.5th percentile
Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lacie | lac9000436u_firmware | <= 2.3.0.014 | — |
| lacie | lac9000464u_firmware | <= 2.3.0.014 | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.08.3HIGHAV:A/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2015-12-31
Published