CVE-2015-2876

Description

Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://www.kb.cert.org/vuls/id/903500
• https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH
• https://www.kb.cert.org/vuls/id/GWAN-A26L3F
• https://www.kb.cert.org/vuls/id/903500
• https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH
• https://www.kb.cert.org/vuls/id/GWAN-A26L3F