{"uuid": "ed3d8b26-5648-491c-9913-6961a1961324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-6627", "type": "seen", "source": "https://t.me/cibsecurity/54063", "content": "\u203c CVE-2020-6627 \u203c\n\nThe web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the \"start\" state and sending a check_device_name request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T18:41:11.000000Z"}