CVE-2013-6922

EIP tracks 1 public exploit for CVE-2013-6922. PoCs published by Jeroen - IT Nerdbox.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Seagate BlackArmor NAS, allowing an attacker to add an administrative user via a crafted POST request. The PoC includes parameters for username, password, and admin privileges.

Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.