CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2022-22995 – Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk
https://notcve.org/view.php?id=CVE-2022-22995
25 Mar 2022 — The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code. La combinación de primitivas que ofrecen SMB y AFP en su configuración por defecto permite la escritura arbitraria de archivos. Al explotar esta combinación de primitivas, un atacante puede ejecutar código arbitrario It was discovered that Netatalk did not properly protect an SMB and AFP default confi... • https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 1CVE-2020-27744
https://notcve.org/view.php?id=CVE-2020-27744
29 Oct 2020 — An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. Se detectó un problema en los dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114. Permiten una ejecución de código remota con una escalada de privilegios resultante • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 3%CPEs: 6EXPL: 1CVE-2020-25765
https://notcve.org/view.php?id=CVE-2020-25765
27 Oct 2020 — Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140. Se abordó una vulnerabilidad de ejecución de código remota en el archivo reg_device.php debido a una comprobación insuficiente de entrada del usuario en los dispositivos Western Digital My Cloud versiones anteriores a 5.4.1140 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 1CVE-2020-27159
https://notcve.org/view.php?id=CVE-2020-27159
27 Oct 2020 — Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114 Se abordó una vulnerabilidad de ejecución de código remota en el archivo DsdkProxy.php, debido a un saneamiento insuficiente y una comprobación insuficiente de entrada del usuario en los dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 6%CPEs: 6EXPL: 1CVE-2020-27158
https://notcve.org/view.php?id=CVE-2020-27158
27 Oct 2020 — Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. Se abordó una vulnerabilidad de ejecución de código remota en el archivo cgi_api.php, que permitía una escalada de privilegios en dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 5%CPEs: 6EXPL: 1CVE-2020-27160
https://notcve.org/view.php?id=CVE-2020-27160
27 Oct 2020 — Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3). Se abordó una vulnerabilidad de ejecución de código remota en el archivo AvailableApps.php, que permitía una escalada de privilegios en dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114 (número 3 de 3) • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-12830
https://notcve.org/view.php?id=CVE-2020-12830
27 Oct 2020 — Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114. Se abordaron múltiples vulnerabilidades de desbordamiento del búfer de pila que podrían permitir a un atacante llevar a cabo una escalada de privilegios por medio de una ejecución de código remota no autorizada en dispositivos Western Digital My Cloud versiones anteriores a 5.04.114 • https://support.wdc.com/downloads.aspx?g=907&lang=en • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 2%CPEs: 18EXPL: 2CVE-2019-9949
https://notcve.org/view.php?id=CVE-2019-9949
23 May 2019 — Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might... • https://bnbdr.github.io/posts/wd • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-9950
https://notcve.org/view.php?id=CVE-2019-9950
24 Apr 2019 — Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ult... • https://bnbdr.github.io/posts/wd • CWE-521: Weak Password Requirements •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 3CVE-2017-17560 – Western Digital MyCloud - 'multi_uploadify' File Upload
https://notcve.org/view.php?id=CVE-2017-17560
12 Dec 2017 — An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root. Se ha descubierto un error en los dispositivos Western Digital MyCloud PR4100 2.30.172. E... • https://packetstorm.news/files/id/145447 • CWE-287: Improper Authentication •