Researchers at Tangible Security have discovered a series of vulnerabilities in Seagate gear which leave it wide open to hackers.
In one case, an undocumented Telnet feature could be used to gain control of the device by using the username ‘root’ and the hardcoded default password. Other vulnerabilities allow unauthorised browsing and downloading of files, and permit malicious files to be uploaded.
Tangible Security says that Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie FUEL drives are all dodgy, but there may also be others.
The security issues are confirmed to exist with firmware versions 2.2.0.005 to 2.3.0.014. The problems were discovered in March, but a patch has only recently been published, along with an advisory notice from US CERT. Tangible Security issued a warning of its own:
Apparently, the problem is that Seagate has numerous product names for what is basically the same product, sold under its own name or another vendor's, so other named products may be affected. The vulnerabilities allow forced browsing, where the affected device firmware provides unrestricted file download capability, and unrestricted upload of dangerous files, because the affected device firmware provides a file upload capability to the device’s /media/sda2 file system, which is reserved for file sharing.