10 Jul 2019

CVE-2018-12296

7.5 High Severity

Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests.

suggest your own:

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Apps (0)

Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)