CVE-2015-2875

high

Description

Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session.

References

Advisories

https://www.kb.cert.org/vuls/id/GWAN-A26L3F

https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH

https://www.kb.cert.org/vuls/id/903500

Details

Source: Mitre, NVD

Published: 2015-12-31

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.02345