CVE-2014-3205

CRITICAL

Seagate BlackArmor NAS 220 and 110 Firmware - Use of Hard-coded Credentials

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3205. PoCs published by Shayan S.

AI-analyzed exploit summary This exploit demonstrates multiple remote code execution (RCE) vulnerabilities in Seagate BlackArmor NAS devices, including command injection via unsanitized input in PHP scripts. The PoC includes examples of reverse shell payloads and highlights hardcoded credentials.

Description

backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user.

Exploits (1)

exploitdb WORKING POC

by Shayan S · textwebappshardware

https://www.exploit-db.com/exploits/33159

View Code ZIP pw:eip

This exploit demonstrates multiple remote code execution (RCE) vulnerabilities in Seagate BlackArmor NAS devices, including command injection via unsanitized input in PHP scripts. The PoC includes examples of reverse shell payloads and highlights hardcoded credentials.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Seagate BlackArmor NAS (all versions)

No auth needed

Prerequisites: Network access to the target device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/33159/

Scores

CVSS v3 9.8

EPSS 0.0085

EPSS Percentile 75.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-798

Status published

Products (2)

seagate/blackarmor_nas_110_firmware

seagate/blackarmor_nas_220_firmware

Published Feb 23, 2018

Tracked Since Feb 18, 2026