Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T05:33:44.175Z
Reserved: 2018-01-11T00:00:00
Link: CVE-2018-5347

No data.

Status : Modified
Published: 2018-01-12T01:29:00.200
Modified: 2024-11-21T04:08:37.910
Link: CVE-2018-5347

No data.

No data.