CVE-2013-6924

CRITICAL

Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Remote Command Execution via backupmgt/getAlias.php ip Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-6924. PoCs published by Jeroen - IT Nerdbox.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in Seagate BlackArmor NAS via the 'ip' parameter in getAlias.php. The vulnerability allows remote command execution by manipulating the GET parameter to inject arbitrary commands.

Description

Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

Exploits (2)

exploitdb WORKING POC
by Jeroen - IT Nerdbox · textwebappshardware
https://www.exploit-db.com/exploits/30725

This exploit leverages a command injection vulnerability in Seagate BlackArmor NAS via the 'ip' parameter in getAlias.php. The vulnerability allows remote command execution by manipulating the GET parameter to inject arbitrary commands.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Seagate BlackArmor NAS sg2000-2000.1331
No auth needed
Prerequisites: Network access to the target device · The vulnerable endpoint /backupmgt/getAlias.php must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Jeroen - IT Nerdbox · phpwebappshardware
https://www.exploit-db.com/exploits/30723

This exploit targets CVE-2013-6924, a command injection vulnerability in Seagate BlackArmor NAS devices. It retrieves configuration details, user hashes, and executes remote commands via a vulnerable backup management endpoint.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Seagate BlackArmor NAS
No auth needed
Prerequisites: Network access to the target device · Vulnerable backup management endpoint exposed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64655
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90109

Scores

CVSS v3 9.8
EPSS 0.4836
EPSS Percentile 97.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-77
Status published
Products (1)
seagate/blackarmor_nas_220_firmware sg2000-2000.1331
Published Oct 11, 2017
Tracked Since Feb 18, 2026