Seagate Central Storage 2015.0916 User Creation / Command Execution

Posted on 26 May 2023

This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such as broken access control. It makes it possible to change the device state and register a new admin user which is capable of SSH access.