8.8

CVE-2015-2876

EPSS 0.45%
Published 31.12.2015 05:59:04
Last modified 12.04.2025 10:46:40
Source cret@cert.org
Teams watchlist Login
Open Login

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Lacie ≫ Lac9000436u Firmware Version <= 2.3.0.014

Lacie ≫ Lac9000436u
Lacie ≫ Lac9000464u

Lacie ≫ Lac9000464u Firmware Version <= 2.3.0.014

Lacie ≫ Lac9000436u
Lacie ≫ Lac9000464u

Seagate ≫ Wireless Mobile Storage

Seagate ≫ Wireless Plus Mobile Storage

Seagate ≫ Goflex Sattelite

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.45%	0.609

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C

https://www.kb.cert.org/vuls/id/903500

Third Party Advisory

US Government Resource

https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH

Third Party Advisory

US Government Resource

https://www.kb.cert.org/vuls/id/GWAN-A26L3F

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2015-2876

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2876

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2876

EUVD