var-201401-0161
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php.

The Seagate BlackArmor NAS is a network storage device. The workgroup configuration is subject to a persistent cross-site scripting attack. When a user is added to the device, the application does not properly filter the user name field data, allowing the attacker to exploit the vulnerability to inject malicious scripts or HTML code.

BlackArmor NAS 220 storage server is prone to the following remote security vulnerabilities:
1. Multiple cross-site request forgery vulnerabilities
2. Multiple HTML-injection vulnerabilities
3. An arbitrary code-execution vulnerability

Attackers can exploit these issues to perform certain unauthorized actions, execute HTML and script code and steal cookie-based authentication credentials and execute arbitrary code. Other attacks are possible.

BlackArmor NAS 220 running firmware sg2000-2000.1331 is vulnerable; other versions may also be affected. It can provide layered protection, data increment and system backup and recovery for business-critical data. The vulnerability is caused by the admin/access_control_user_edit.php script not adequately filtering the 'fullname' parameter and the admin/network_workgroup_domain.php script not properly filtering the 'workname' parameter.

Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site Scripting Vulnerabilities
Google Dork: N/A
Date: 04-01-2014
Exploit Author: Jeroen - IT Nerdbox
Vendor Homepage: http://www.seagate.com/
Software Link: http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/
Version: sg2000-2000.1331
Tested on: N/A
CVE : CVE-2013-6923
Description:
When adding a user to the device, it is possible to enter a full name. This input field does not sanitize its input and it is possible to enter any payload which will get executed upon reload. The Work Group name input field does not sanitize its input.
This vulnerability was reported to Seagate in September 2013; they stated that this will not be fixed.
Proof of Concept #1:
POST: http(s)://<url | ip>/admin/access_control_user_edit.php?id=2&lang=en
Parameters:
index = 2
fullname = <script>alert(1);</script>
submit = Submit
Proof of Concept #2:
POST: http(s)://<url | ip>/admin/network_workgroup_domain.php?lang=en&gi=n003
Parameter:
workname = "><input onmouseover=prompt(1) >
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0161", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "blackarmor nas 220", "scope": "eq", "trust": 2.4, "vendor": "seagate", "version": "sg2000-2000.1331" }, { "model": "blackarmor nas 220", "scope": "eq", "trust": 1.8, "vendor": "seagate", "version": "st320005lsa10g-rk" }, { "model": "blackarmor nas 220", 
"scope": "eq", "trust": 1.8, "vendor": "seagate", "version": "st340005lsa10g-rk" }, { "model": "blackarmor nas 220", "scope": "eq", "trust": 1.8, "vendor": "seagate", "version": "stav6000100" }, { "model": "technology llc blackarmor nas sg2000-2000.1331", "scope": "eq", "trust": 0.6, "vendor": "seagate", "version": "220" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "CNNVD", "id": "CNNVD-201401-126" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/h:seagate:blackarmor_nas_220", "vulnerable": true }, { "cpe22Uri": "cpe:/o:seagate:blackarmor_nas_220_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001028" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Jeroen - IT Nerdbox", "sources": [ { "db": "BID", "id": "64655" } ], "trust": 0.3 }, "cve": "CVE-2013-6923", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": 
"https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2013-6923", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2014-00094", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-66925", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-6923", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-6923", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-00094", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201401-126", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-66925", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "VULHUB", "id": "VHN-66925" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "CNNVD", "id": "CNNVD-201401-126" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php. The Seagate BlackArmor NAS is a network storage device. The workgroup configuration is subject to a persistent cross-site scripting attack. When a user is added to the device, the application does not properly filter the user name field data, allowing the attacker to exploit the vulnerability to inject malicious scripts or HTML code. BlackArmor NAS 220 storage server is prone to the following remote security vulnerabilities:\n1. Multiple cross-site request forgery vulnerabilities\n2. Multiple HTML-injection vulnerabilities\n3. An arbitrary code-execution vulnerability\nAttackers can exploit these issues to perform certain unauthorized actions, execute HTML and script code and steal cookie-based authentication credentials and execute arbitrary code. Other attacks are possible. \nBlackArmor NAS 220 running firmware sg2000-2000.1331 is vulnerable; other versions may also be affected. It can provide layered protection, data increment and system backup and recovery for business-critical data. The vulnerability is caused by the admin/access_control_user_edit.php script not adequately filtering the \u0027fullname\u0027 parameter and the admin/network_workgroup_domain.php script not properly filtering the \u0027workname\u0027 parameter . 
# Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site\nScripting Vulnerabilities\n \n# Google Dork: N/A\n \n# Date: 04-01-2014\n \n# Exploit Author: Jeroen - IT Nerdbox\n \n# Vendor Homepage: \u003chttp://www.seagate.com/\u003e http://www.seagate.com/\n \n# Software Link:\n\u003chttp://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/\n\u003e\nhttp://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/\n \n# Version: sg2000-2000.1331\n \n# Tested on: N/A\n \n# CVE : CVE-2013-6923\n \n#\n \n## Description:\n \n#\n \n# When adding a user to the device, it is possible to enter a full name. \nThis input field does not\n \n# sanitize its input and it is possible to enter any payload which will get\nexecuted upon reload. The Work\nGroup name input\n# field does not sanitize its input. \n \n#\n# This vulnerability was reported to Seagate in September 2013, they stated\nthat this will not be fixed. \n \n#\n \n## Proof of Concept #1:\n \n#\n \n# POST: http(s)://\u003curl | ip\u003e/admin/access_control_user_edit.php?id=2\u0026lang=en\n# Parameters:\n \n#\n \n# index = 2\n# fullname = \u003cscript\u003ealert(1);\u003c/script\u003e\n# submit = Submit\n \n#\n \n#\n \n## Proof of Concept #2:\n \n#\n \n# POST: http(s)://\u003curl |\nip\u003e/admin/network_workgroup_domain.php?lang=en\u0026gi=n003\n \n# Parameter:\n \n#\n \n# workname = \"\u003e\u003cinput onmouseover=prompt(1) \u003e\n\n", "sources": [ { "db": "NVD", "id": "CVE-2013-6923" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "BID", "id": "64655" }, { "db": "VULHUB", "id": "VHN-66925" }, { "db": "PACKETSTORM", "id": "124685" } ], "trust": 2.61 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": 
"https://www.scap.org.cn/vuln/vhn-66925", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-66925" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-6923", "trust": 3.5 }, { "db": "PACKETSTORM", "id": "124685", "trust": 2.6 }, { "db": "EXPLOIT-DB", "id": "30727", "trust": 2.3 }, { "db": "XF", "id": "90111", "trust": 1.4 }, { "db": "BID", "id": "64655", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2014-001028", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201401-126", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2014-00094", "trust": 0.6 }, { "db": "XF", "id": "20136923", "trust": 0.6 }, { "db": "SEEBUG", "id": "SSVID-84094", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-66925", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "VULHUB", "id": "VHN-66925" }, { "db": "BID", "id": "64655" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "PACKETSTORM", "id": "124685" }, { "db": "CNNVD", "id": "CNNVD-201401-126" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "id": "VAR-201401-0161", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "VULHUB", "id": "VHN-66925" } ], "trust": 1.54343433 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" } ] }, "last_update_date": 
"2024-11-23T22:35:17.314000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "BlackArmor NAS 220", "trust": 0.8, "url": "http://www.seagate.com/jp/ja/external-hard-drives/network-storage/business/blackarmor-nas-220/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001028" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-66925" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://packetstormsecurity.com/files/124685" }, { "trust": 1.7, "url": "http://www.exploit-db.com/exploits/30727" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/90111" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90111" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6923" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6923" }, { "trust": 0.6, "url": "http://www.exploit-db.com/exploits/30727/" }, { "trust": 0.1, "url": "http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl/" }, { "trust": 0.1, "url": "http://www.seagate.com/\u003e" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6923" }, { "trust": 0.1, "url": "http://www.seagate.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-00094" 
}, { "db": "VULHUB", "id": "VHN-66925" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "PACKETSTORM", "id": "124685" }, { "db": "CNNVD", "id": "CNNVD-201401-126" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2014-00094" }, { "db": "VULHUB", "id": "VHN-66925" }, { "db": "BID", "id": "64655" }, { "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "db": "PACKETSTORM", "id": "124685" }, { "db": "CNNVD", "id": "CNNVD-201401-126" }, { "db": "NVD", "id": "CVE-2013-6923" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-01-08T00:00:00", "db": "CNVD", "id": "CNVD-2014-00094" }, { "date": "2014-01-09T00:00:00", "db": "VULHUB", "id": "VHN-66925" }, { "date": "2014-01-06T00:00:00", "db": "BID", "id": "64655" }, { "date": "2014-01-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "date": "2014-01-06T13:02:22", "db": "PACKETSTORM", "id": "124685" }, { "date": "2014-01-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-126" }, { "date": "2014-01-09T18:55:08.150000", "db": "NVD", "id": "CVE-2013-6923" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-01-08T00:00:00", "db": "CNVD", "id": "CNVD-2014-00094" }, { "date": "2017-08-29T00:00:00", "db": "VULHUB", "id": "VHN-66925" }, { "date": "2015-03-19T09:05:00", "db": "BID", "id": "64655" }, { "date": "2014-01-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001028" }, { "date": "2014-01-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-126" }, { "date": "2024-11-21T01:59:58.583000", "db": "NVD", "id": "CVE-2013-6923" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { 
"@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201401-126" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Seagate BlackArmor NAS 220 Cross-site scripting vulnerability in device firmware", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001028" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "xss", "sources": [ { "db": "PACKETSTORM", "id": "124685" }, { "db": "CNNVD", "id": "CNNVD-201401-126" } ], "trust": 0.7 } }