I haven't heard how these people are actually being exploited. When I read the CVE, it makes me think javascript in the browser is reaching out over their LAN and hitting their NAS boxes, but I can't be sure that's whats happening. I can't imagine all these users set up port forwarding or UPnP on their MyBook Live. I would imagine a person buys that type of device because they don't want to or know how to do that kind of management. I'm curious to hear the details about the nuts and bolts of the exploit.
The whole point of my book live was that the user could access their files from remote locations. If I remember correctly the app was called WD2go or something similar. No doubt by setting up this service on their box, it opened up the path to the net. WD after some years then shut down that service, leaving the hole open.
And it's all probably going to happen again with Seagate.
"As of May 15, 2021 the Seagate Access feature of Seagate NAS products will be discontinued. Specifically, the Seagate Access service, Seagate Access through Seagate Sdrive, Seagate Access through Seagate Media App, and Seagate MyNAS will no longer be available after May 15, 2021 at midnight Central European Time. Additionally, customer support for the Seagate Access service will also be discontinued.
The removal of this service means that access to all Seagate NAS devices via the Seagate Access web portal, Seagate Sdrive, Seagate Media App, and Seagate MyNAS will no longer function. However, you will not lose remote access to the files on your Seagate NAS since it can be configured and accessed using the FTP/SFTP service. Similarly, your Seagate NAS will not change for standard network access within the home or office network using common network protocols on macOS and Windows.
Please know that we remain grateful for your purchase of a Seagate NAS and hope you continue to enjoy it despite this change to remote access via Seagate Access, Sdrive, Seagate Media App and MyNAS.
Just don't go and expose all your stuff to the internet.
reply