CVE-2018-12295 (nas_os)

SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter.
Source: NIST
CVE-2018-12295 (nas_os)