Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Seagate Subscribe
Filtered by product Personal Cloud Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5347 1 Seagate 2 Personal Cloud, Personal Cloud Firmware 2019-10-02 10.0 HIGH 9.8 CRITICAL
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
CVE-2017-18263 1 Seagate 2 Personal Cloud, Personal Cloud Firmware 2018-06-05 5.0 MEDIUM 7.5 HIGH
Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.