8.8

CVE-2015-2876

EPSS 0.45%
Veröffentlicht 31.12.2015 05:59:04
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cret@cert.org
Teams Watchlist Login
Unerledigt Login

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lacie ≫ Lac9000436u Firmware Version <= 2.3.0.014

Lacie ≫ Lac9000436u
Lacie ≫ Lac9000464u

Lacie ≫ Lac9000464u Firmware Version <= 2.3.0.014

Lacie ≫ Lac9000436u
Lacie ≫ Lac9000464u

Seagate ≫ Wireless Mobile Storage

Seagate ≫ Wireless Plus Mobile Storage

Seagate ≫ Goflex Sattelite

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.45%	0.609

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C

https://www.kb.cert.org/vuls/id/903500

Third Party Advisory

US Government Resource

https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH

Third Party Advisory

US Government Resource

https://www.kb.cert.org/vuls/id/GWAN-A26L3F

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2015-2876

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2876

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2876

EUVD