Arbitrary Redirect Vulnerability in Seagate NAS OS 4.3.15.1 via 'state' URL Parameter

Arbitrary Redirect Vulnerability in Seagate NAS OS 4.3.15.1 via 'state' URL Parameter

CVE-2018-12300 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.

Learn more about our Cis Benchmark Audit For Server Software.