Seagate confirmed a zero-day vulnerability in one of its network attached storage products, but said it won t have a patch available until May 2015. The vulnerability was publicly disclosed a week ago Sunday by Australian security consultancy Beyond Binary. The issue stems from a number of outdated components upon which the NAS products web-based management application is built. Seagate determined the 0day to be low risk because it affects only those customers exposed to the Internet. It encouraged users to put the NAS boxes behind a firewall when using them exclusively on internal networks.
Source: https://threatpost.com/seagate-confirms-nas-zero-day-wont-patch-until-may/111513/