Lacie Lac9000436U Firmware vulnerabilities
3 known vulnerabilities affecting lacie/lac9000436u_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2015-2874P2CRITICALCVSS 9.8≤ 2.3.0.0142015-12-31
CVE-2015-2874 [CRITICAL] CWE-255 CVE-2015-2874: Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and
Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
nvd
CVE-2015-2876P3HIGHCVSS 8.8≤ 2.3.0.0142015-12-31
CVE-2015-2876 [HIGH] CVE-2015-2876: Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage,
Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.
nvd
CVE-2015-2875P3HIGHCVSS 7.5≤ 2.3.0.0142015-12-31
CVE-2015-2875 [HIGH] CWE-22 CVE-2015-2875: Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage,
Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session.
nvd