CVE-2020-6627
- Reference to the description:
- Description:
- The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the "start" state and sending a check_device_name request.
- Last updated date:
- 05/26/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/07/2022
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/07/2022
- Reference url to background
https://pentest.blog/advisory-seagate-central-storage-remote-code-execution/