CVE-2015-2876

Name of the Vulnerable Software and Affected Versions Seagate GoFlex Satellite versions prior to 3.4.1.105 Seagate Wireless Mobile Storage versions prior to 3.4.1.105 Seagate Wireless Plus Mobile Storage versions prior to 3.4.1.105 LaCie FUEL versions prior to 3.4.1.105

Description The issue is related to an unrestricted file upload, allowing remote attackers to execute arbitrary code by uploading a file to "/media/sda2" during a Wi-Fi session. This can be exploited to gain unauthorized access and control over the device.

Recommendations For Seagate GoFlex Satellite versions prior to 3.4.1.105, update the firmware to version 3.4.1.105 or later. For Seagate Wireless Mobile Storage versions prior to 3.4.1.105, update the firmware to version 3.4.1.105 or later. For Seagate Wireless Plus Mobile Storage versions prior to 3.4.1.105, update the firmware to version 3.4.1.105 or later. For LaCie FUEL versions prior to 3.4.1.105, update the firmware to version 3.4.1.105 or later. As a temporary workaround, consider restricting access to the "/media/sda2" directory during Wi-Fi sessions until the firmware is updated.