GCVE - cpe:2.3:o:seagate:blackarmor_nas_220_firmware:sg2000-2000.1331:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:seagate:blackarmor_nas_220_firmware:sg2000-2000.1331:*:*:*:*:*:*:*

part: o version: sg2000-2000.1331 update: *

Vendor	Seagate (`32889122-7b7d-5a01-9d8b-1aaacddd8bee`)
Product	Blackarmor Nas 220 Firmware (`e5a7cde3-ad1e-50c2-bcc1-3b85926b5acc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-6924`	vulnerable	2026-06-03 14:33:32.983024	Details available Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php. Published: 2017-10-11T12:00:00.000Z Updated: 2024-08-06T17:53:45.355Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/64655 http://packetstormsecurity.com/files/124688/Seagate-BlackArmor-NAS-sg2000-2000.1331-Remote-Command-Execution.html https://exchange.xforce.ibmcloud.com/vulnerabilities/90109	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6923`	vulnerable	2026-06-03 14:33:32.982614	Details available Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php. Published: 2014-01-09T15:00:00.000Z Updated: 2024-08-06T17:53:45.728Z Open on db.gcve.eu Reference links http://packetstormsecurity.com/files/124685 https://exchange.xforce.ibmcloud.com/vulnerabilities/90111 http://www.exploit-db.com/exploits/30727	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6922`	vulnerable	2026-06-03 14:33:32.980642	Details available Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes. Published: 2014-01-21T16:00:00.000Z Updated: 2024-08-06T17:53:44.820Z Open on db.gcve.eu Reference links http://secunia.com/advisories/56047 http://www.exploit-db.com/exploits/30726	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

SeaGate BlackArmor NAS 220 Firmware SG2000-2000.1331

PURL mappings

Vulnerability references

Contribute