Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Seagate BlackArmor NAS 220 跨站脚请求伪造漏洞
Vulnerability Description
Seagate BlackArmor NAS 220是美国希捷(Seagate)公司的一款网络存储服务器,它可对业务关键数据提供分层保护、数据增量和系统备份、恢复等。 使用sg2000-2000.1331版本固件的Seagate BlackArmor NAS 220设备中存在跨站脚请求伪造漏洞,该漏洞源于程序没有正确验证请求。远程认证攻击者可利用该漏洞执行未授权操作,如:(1)向admin/access_control_user_add.php发送特制请求添加用户账户;(2)修改或删除用户账户;(3)恢复
CVSS Information
N/A
Vulnerability Type
N/A