Vulnerability Note VU#903500
Seagate and LaCie wireless storage products contain multiple vulnerabilities
Original Release date: 01 Sep 2015 | Last revised: 10 Sep 2015
Multiple Seagate wireless storage products contain multiple vulnerabilities.
CWE-798: Use of Hard-coded Credentials – CVE-2015-2874
Some Seagate wireless storage products provide undocumented Telnet services that are accessible with the username ‘root’ and the default password.
CWE-425: Direct Request (‘Forced Browsing’) – CVE-2015-2875
Under a default configuration, some Seagate wireless storage products provide an unrestricted file download capability to anonymous attackers with wireless access to the device. An attacker can directly download files from anywhere on the filesystem.
CWE-434: Unrestricted Upload of File with Dangerous Type – CVE-2015-2876
Under a default configuration, some Seagate wireless storage products provide a file upload capability to anonymous attackers with wireless access to the device’s /media/sda2 filesystem. This filesystem is reserved for file-sharing.
These vulnerabilities were confirmed by the reporter as existing in firmware versions 2.2.0.005 and 2.3.0.014, dating to October 2014. Other firmware versions may be affected.
The following devices are impacted by this issue:
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
LaCie FUEL (note that LaCie has been a subsidiary of Seagate since 2012)
A remote unauthenticated attacker may access arbitrary files on the storage device, or gain root access to the device.
Update the firmware
Seagate has released firmware 220.127.116.11 to address these issues in all affected devices. Affected users are encouraged to update the firmware as soon as possible. Customers may download the firmware from Seagate’s website. Seagate encourages any customer encountering issues to contact customer service at 1-800-SEAGATE.
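To check whether a Telnet service of the kind described under CVE-2015-2874 answers on a device you administer, for example before and after the firmware update, the following added example (not part of the original note or of any Seagate tooling) probes one TCP port and classifies the response. Port 23 is the standard Telnet port and is an assumption here, since the note does not say which port the service uses; the address in the usage comment is a placeholder.

```python
import socket
import sys

IAC = 0xFF  # Telnet "Interpret As Command" byte (RFC 854)


def probe_telnet(host, port=23, timeout=3.0):
    """Classify one TCP port on a device you administer.

    Returns "closed" when nothing accepts the connection, "telnet" when
    the peer opens with Telnet option negotiation or a login prompt, and
    "open-other" when something else (or a silent service) is listening.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # refused, unreachable or timed out
        return "closed"
    with sock:
        sock.settimeout(timeout)
        try:
            banner = sock.recv(256)
        except OSError:  # connected, but the peer sent nothing in time
            banner = b""
    if banner[:1] == bytes([IAC]) or b"login" in banner.lower():
        return "telnet"
    return "open-other"


def audit(hosts, port=23, timeout=3.0):
    """Return {host: state} for each storage device in the inventory."""
    return {h: probe_telnet(h, port, timeout) for h in hosts}


if __name__ == "__main__":
    # Usage: python check_telnet.py 192.0.2.10 ...  (addresses are placeholders)
    results = audit(sys.argv[1:])
    for host, state in results.items():
        print(f"{host}: {state}")
    # Non-zero exit lets a patch-verification job fail when Telnet answers.
    sys.exit(1 if "telnet" in results.values() else 0)
```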
Vendor Information
Vendor                  Status    Date Notified  Date Updated
LaCie                   Affected  -              08 Sep 2015
Seagate Technology LLC  Affected  -              07 Sep 2015
If you are a vendor and your product is affected, let
Thanks to Mike Baucom, Allen Harper, and J. Rach of Tangible Security for reporting this vulnerability to us. Tangible Security would also like to publicly thank Seagate for their cooperation and desire to make their products and customers more secure.
This document was written by Garret Wassermann.
01 Sep 2015
Date First Published: 01 Sep 2015
Date Last Updated: 10 Sep 2015