Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2017-18263

Disclosure Date: April 28, 2018 (last updated November 26, 2024)
Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.
0
0
Attacker Value
Unknown

CVE-2018-5347

Disclosure Date: January 12, 2018 (last updated November 26, 2024)
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
0
0