Security expert found more than 33000 Seagate’s GoFlex Home network-attached storage (NAS) devices vulnerable exposed online.
Seagate has patched several vulnerabilities in its Personal Cloud and GoFlex products, but unfortunately, some flaws remain unpatched.
In September, researcher Aditya K. Sood discovered vulnerabilities that can be exploited by attackers to launch cross-site scripting (XSS) and man-in-the-middle (MitM) attacks against Seagate GoFlex Home NAS product.
GoFlex Home NAS devices run a web service accessible at seagateshare.com, that allows users to remotely manage the device and its content. Customers can access their storage by providing the device name, and login credentials.
The GoFlex firmware runs an HTTP server that requires users to enable port forwarding on their router in order to connect to the web service.
Sood noticed that the HTTP server supports the obsolete protocols SSLv2 and SSLv3, while the web service seagateshare.com service supports SSLv3.
Both protocols expose the users to MiTM attacks, including DROWN and POODLE.
“It has been discovered that embedded server still supports SSLv2 / SSLv3 whereas the seagateshare.com supports SSLv3. We have looked into 50,000+ devices that are running on unique IPs that have SSLv2/ SSLv3 enabled.” states the analysis published by the expert. “Additionally, during standard tests, we have collected 17000+ URLs of seagateshare.com with unique device_ids.”
The expert also discovered an XSS in the seagateshare.com website that could be exploited by an attacker to execute malicious code in the context of a user’s browsing session by tricking the victim into clicking on a specially crafted link.
The bad news for Seagate users is that the company has only fixed the XSS flaw, it doesn’t plan on fixing the remaining issue related to the use of SSLv2 and SSLv3.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.