Stealing all files from Seagate wireless disks is too easy

Pierluigi Paganini September 07, 2015

The CERT_org issued an alert on Seagate wireless disks because they contain multiple flaws that could be exploited to download their entire content.

CERT.org issued a warning related Seagate wireless disk because they include a hidden login, most exactly a Telnet services that is not documented.

This security issue allows anonymous attackers to download every file on the disk.

“Seagate wireless hard-drives provides undocumented Telnet services accessible by using the default credentials of ‘root’ as username and the default password.” States the CERT.

Unfortunately, there are also other problems affecting the devices, another vulnerability affecting the  Seagate wireless disk could be exploited to upload any file on the default sharing directory present on the device.

Seagate wireless disks 2

Below the complete list of vulnerabilities affecting the Seagate wireless disks:

CVE-2015-2874, where “Seagate wireless hard-drives provides undocumented Telnet services accessible by using the default credentials of ‘root’ as username and the default password.”

CVE-2015-2875, ” Under a default configuration, Seagate wireless hard-drives provides an unrestricted file download capability to anonymous attackers with wireless access to the device. An attacker can directly download files from anywhere on the file system.”

CVE-2015-2876, “Under a default configuration, Seagate wireless hard-drives provides a file upload capability to anonymous attackers with wireless access to the device’s /media/sda2 filesystem. This filesystem is reserved for the file-sharing.”

The above vulnerabilities can be exploited if the disks are running the firmware versions 2.2.0.005 and 2.3.0.014, dating to October 2014, but versions can be affected by these vulnerabilities as well.

What does that mean for a usual user? These three flaws can be exploited by an attacker on the user’s network (coming from the inside or outside) to access the files on the Seagate wireless disks with a root access which gives him full permissions.

In order to fix the security issued affecting the Seagate wireless disks, Seagate released the firmware version 3.4.1.105 and urges its customers to upload it as soon as possible.

About the Authors Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs – Seagate wireless disks, hacking)



you might also like

leave a comment