Seagate NAS Firmware vulnerable to remote attacks

Seagate NAS FirwareCertain Seagate network-attached storage devices are vulnerable to remote attacks. A security firm form Australia named Beyond Binary disclosed the vulnerability few days ago¬†after an intense collaboration with Seagate engineers in order to make available a firmware update as soon as possible. In any case, it’s always good sense to not make those boxes reachable online, and use them always behind a good firewall. The vulnerability is related to the management of the sessions in the custom web application of the NAS. This in fact does not maintain sessions-related information on the server side, allowing an arbitrary data modification of the browser cookies. Further information can be found here

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 4 =