CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2875

Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

Products affected by CVE-2015-2875

Lacie » Lac9000436u » Version: N/A

cpe:2.3:h:lacie:lac9000436u:-
Lacie » Lac9000464u » Version: N/A

cpe:2.3:h:lacie:lac9000464u:-
Seagate » Goflex Sattelite » Version: N/A

cpe:2.3:h:seagate:goflex_sattelite:-
Seagate » Wireless Mobile Storage » Version: N/A

cpe:2.3:h:seagate:wireless_mobile_storage:-
Seagate » Wireless Plus Mobile Storage » Version: N/A

cpe:2.3:h:seagate:wireless_plus_mobile_storage:-
Lacie » Lac9000436u Firmware » Version: 2.3.0.014

cpe:2.3:o:lacie:lac9000436u_firmware:2.3.0.014
Lacie » Lac9000464u Firmware » Version: 2.3.0.014

cpe:2.3:o:lacie:lac9000464u_firmware:2.3.0.014

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2875

Products

Pricing

Contact Us