CVE-2020-6627 (stcg2000300_firmware, stcg3000300_firmware, stcg4000300_firmware)
The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the “start” state…