Threat Level: green Handler on Duty: Rick Wanner

SANS ISC Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Advisory: Seagate NAS Remote Code Execution

Published: 2015-03-01
Last Updated: 2015-03-01 16:14:02 UTC
by Rick Wanner (Version: 1)
1 comment(s)

Beyond Binary is reporting a vulnerability affecting Seagate's Business Storage line of NAS devices and possibly other Seagate NAS products. These are fairly common devices in SOHO and even small enterprise applications. 

It appears that a number of OTS components and the custom web application used in the web management interface are out of date and will permit unimpeded access to the administration functions of the device.  It is believe that versions of the firmware up to and including 2014.00319 are vulnerable. 

It appears to be trivial to exploit the devices and a metasploit module and an exploit are publicly available.

It is hoped that if you have one of these devices in your network that you do not have the administration interface accessible on the Internet.  If you do you will want to remove it. You can be sure that the bad guys have started scanning for these devices. At this point no updated firmware is available to resolve this issue.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: NAS Seagate
1 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

Let's Encrypt!
1 day ago by Rick (2 comments)

DDOS are way down? Why?
2 days ago by Rick (1 comment)

New Feature: Subnet Report
3 days ago by Dr. J. (1 comment)

Samba vulnerability - Remote Code Execution - (CVE-2015-0240)
3 days ago by Chris (0 comments)

Copy.com Used to Distribute Crypto Ransomware
4 days ago by Dr. J. (3 comments)

11 Ways To Track Your Moves When Using a Web Browser
5 days ago by Dr. J. (3 comments)

Subscribing to the DShield Top 20 on a Palo Alto Networks Firewall
6 days ago by Richard (4 comments)

View All Diaries →

Latest Discussions

Google's security-focused Android and Chrome for Work
created 3 days ago by Anonymous (0 replies)

How do I fix website security certificate errors?
created 6 days ago by Alvirajohn (0 replies)

Please help with securing my website
created 3 weeks ago by Anonymous (0 replies)

Please help with securing my website
created 3 weeks ago by Anonymous (2 replies)

your EMET 5.1 experience?
created 1 month ago by Mallory Bobalice (4 replies)

View All Forums →

Latest News

View All News →